{"id":17972227,"url":"https://github.com/Trivulzianus/BugGPT","last_synced_at":"2025-03-25T12:32:50.004Z","repository":{"id":259076496,"uuid":"876253110","full_name":"Trivulzianus/BugGPT","owner":"Trivulzianus","description":"OpenAI o1 advanced reasoning powered vulnerable web page generator for testing and educational purposes","archived":false,"fork":false,"pushed_at":"2025-01-18T12:20:30.000Z","size":771,"stargazers_count":184,"open_issues_count":0,"forks_count":14,"subscribers_count":7,"default_branch":"master","last_synced_at":"2025-01-18T13:35:07.074Z","etag":null,"topics":["artificial-intelligence","cybersecurity","hacking","large-language-models"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/Trivulzianus.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-10-21T16:49:33.000Z","updated_at":"2025-01-18T12:20:31.000Z","dependencies_parsed_at":"2024-11-09T13:22:43.349Z","dependency_job_id":"638b8de4-c61e-4f46-9e2d-78c6d07e6905","html_url":"https://github.com/Trivulzianus/BugGPT","commit_stats":null,"previous_names":["trivulzianus/buggpt"],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Trivulzianus%2FBugGPT","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Trivulzianus%2FBugGPT/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/Trivulzianus%2FBugGPT/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/T
rivulzianus%2FBugGPT/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/Trivulzianus","download_url":"https://codeload.github.com/Trivulzianus/BugGPT/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245462885,"owners_count":20619576,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["artificial-intelligence","cybersecurity","hacking","large-language-models"],"created_at":"2024-10-29T16:01:12.699Z","updated_at":"2025-03-25T12:32:49.768Z","avatar_url":"https://github.com/Trivulzianus.png","language":"Python","funding_links":[],"categories":["Python"],"sub_categories":[],"readme":"# BugGPT\n\n**BugGPT** is an open-source project that automatically generates vulnerable web applications for security practitioners to practice and enhance their web security skills. **This project leverages OpenAI's o1 advanced reasoning AI models** to create random, engaging, and complex web pages containing various vulnerabilities, providing a challenge for those looking to test their hacking skills. 
Each 'room' contains the vulnerable web page, and docs explaining the exploit and best practices for developers to mitigate this risk.\n\n## Key Features\n\n- **Vulnerability Variety**: Each generated web page contains a different vulnerability, ranging from SQL Injection, XSS, SSRF, IDOR, XXE, and more.\n- **Automated Generation**: Web pages are generated automatically every 8 hours, ensuring a continuous flow of new challenges.\n- **Realistic Scenarios**: The web apps created are designed to mimic real-world scenarios, offering a realistic testing environment.\n- **Randomization**: Each vulnerability is selected at random, and the app is designed with a narrative, making it harder to determine the exact flaw.\n- **Easy Integration**: With GitHub Actions in place, BugGPT continuously generates and pushes new vulnerable apps to the repository.\n\n## Project Structure\n\n- **page_generator.py**: The script responsible for generating new vulnerable web pages using OpenAI's API.\n- **Rooms**: Each generated web page is stored as a `Room_x.py` file in this directory, where `x` is the room number.\n\n## How it Works\n\n1. **Vulnerability Generation**: BugGPT uses a predefined list of vulnerabilities and randomly selects one for each new web page.\n2. **OpenAI Integration**: The page is generated by sending a prompt to the OpenAI GPT-4 model, instructing it to create a complex web app based on the chosen vulnerability.\n3. **Flask Web App**: Each generated web page is a Python Flask app that you can run locally to explore the vulnerabilities.\n4. **Automated Workflow**: A GitHub Action is scheduled to run every 8 hours, executing `page_generator.py`, which generates a new vulnerable app and commits it to the repository.\n\n## How to Use BugGPT\n\n1. **Clone the Repository**:\n   ```bash\n   git clone https://github.com/Trivulzianus/BugGPT.git\n   cd BugGPT\n   ```\n\n2. 
**Install Dependencies**: Ensure you have the necessary dependencies installed before running the script:\n\n   ```bash\n   pip install -r requirements.txt\n   ```\n\n3. **Run `main.py`**, and select the room number you'd like to hack, or random:\n\n   ```bash\n   python3 main.py X   # X is the room number\n   ```\n\n4. **View the Vulnerable Web App**:\n   After generating a new room, the Flask app will run locally. You can open your browser and visit the app to test your skills.\n\n## GitHub Actions Workflow\n\nThe project is set up with a GitHub Actions workflow that automatically runs `page_generator.py` every 8 hours, pushing new vulnerable rooms to the repository. If you want to manually trigger the generation of a new room, you can do so from the GitHub Actions tab in the repository.\n\n## Contributing\n\nContributions are welcome! If you'd like to contribute to BugGPT, feel free to fork the repository and submit a pull request.\n\n1. Fork the project.\n2. Create your feature branch (`git checkout -b feature/new-feature`).\n3. Commit your changes (`git commit -m 'Add new feature'`).\n4. Push to the branch (`git push origin feature/new-feature`).\n5. Open a pull request.\n\n## License\n\nThis project is licensed under the MIT License.\n\n## Disclaimer\n\nBugGPT is a project designed for educational purposes only. Please use responsibly. Do not deploy or use the generated web apps in any real-world scenario or environment where unauthorized access could occur.\n\n# Happy Hacking with BugGPT!\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FTrivulzianus%2FBugGPT","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FTrivulzianus%2FBugGPT","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FTrivulzianus%2FBugGPT/lists"}