Giter Club home page Giter Club logo

Comments (6)

TmmmmmR avatar TmmmmmR commented on June 19, 2024 3

One of the AI use cases I see integrating with ZAP is "API sequencing" using only the Swagger file as an input. The starting point would be a Swagger definition file, and the goal would be to generate HTTP calls that simulate real user actions. For example, let's suppose we have an API that manage products, the prompt will ask the LLM to generate API calls to simulate a real user calling these APIz through an SPA, like, first creating a product, the. viewing the product, viewing all products, searching for a product, and then deleting it, etc. This could be highly beneficial during the crawling stage of an API scan. I would be happy to work on this and mentor the future intern tasked with this integration.

from zaproxy.

psiinon avatar psiinon commented on June 19, 2024

https://www.reddit.com/r/AskNetsec/comments/1astsqu/feedback_wanted_a_saasbased_security_tool_with/

from zaproxy.

psiinon avatar psiinon commented on June 19, 2024

https://arxiv.org/abs/2402.06664

from zaproxy.

psiinon avatar psiinon commented on June 19, 2024

https://medium.com/@danieldkang/llm-agents-can-autonomously-hack-websites-ab33fadb3062 - from one of the authors of the above research

from zaproxy.

vl-gx avatar vl-gx commented on June 19, 2024

Recently Google relased an Open Source AI powered filetype identificator. It could be useful to better infer static filetypes: https://opensource.googleblog.com/2024/02/magika-ai-powered-fast-and-efficient-file-type-identification.html

I guess a lot of analysts do loose time with false positives.

from zaproxy.

psiinon avatar psiinon commented on June 19, 2024

Thanks @TmmmmmR - thats a very good suggestion.
No one is assigned to this (and we were not accepted as a GSoC mentoring org this year) but if you fancy on working on this anyway I'd be delighted to have a call with you...

from zaproxy.

Related Issues (20)

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.