Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-ai-cybersecurity
Welcome to the ultimate list of resources for AI in cybersecurity. This repository aims to provide an organized collection of high-quality resources to help professionals, researchers, and enthusiasts stay updated and advance their knowledge in the field.
https://github.com/elniak/awesome-ai-cybersecurity
Last synced: 3 days ago
Using AI for Pentesting
Prediction
- DeepExploit - Fully automated penetration testing framework using machine learning. It uses reinforcement learning to improve its attack strategies over time.
- open-appsec - An open-source machine-learning security engine that preemptively and automatically prevents threats against web applications and APIs.
- Malware environment for OpenAI Gym - Create an AI that learns through reinforcement learning which functionality-preserving transformations to make on a malware sample to break through / bypass machine learning static-analysis malware detection.
- OpenVAS - An open-source vulnerability scanner and vulnerability management solution. AI can be used to improve the identification and prioritization of vulnerabilities based on their potential impact and likelihood of exploitation.
- SEMA - ToolChain using Symbolic Execution for Malware Analysis. SEMA provides a framework for symbolic execution to extract execution traces and build system call dependency graphs (SCDGs). These graphs are used for malware classification and analysis, enabling the detection of malware based on symbolic execution and machine learning techniques.
Prevention
- OSSEC - An open-source host-based intrusion detection system (HIDS). AI can enhance OSSEC by providing advanced anomaly detection and predictive analysis to identify potential threats before they materialize.
- Snort IDS - An open-source network IDS and IPS capable of real-time traffic analysis and packet logging. Snort can leverage AI for anomaly detection and to enhance its pattern matching algorithms for better intrusion detection.
- PANTHER - PANTHER combines advanced techniques in network protocol verification, integrating the Shadow network simulator with the Ivy formal verification tool. This framework allows for detailed examination of time properties in network protocols and identifies real-world implementation errors. It supports multiple protocols and can simulate advanced persistent threats (APTs) in network protocols.
Detection
- Zeek - A powerful network analysis framework focused on security monitoring. AI can be integrated to analyze network traffic patterns and detect anomalies indicative of security threats.
- AIEngine - Next-generation interactive/programmable packet inspection engine with IDS functionality. AIEngine uses machine learning to improve packet inspection and anomaly detection, adapting to new threats over time.
- MARK - The multi-agent ranking framework (MARK) aims to provide all the building blocks required to build large-scale detection and ranking systems. It includes distributed storage suited for BigData applications, a web-based visualization and management interface, a distributed execution framework for detection algorithms, and an easy-to-configure triggering mechanism. This allows data scientists to focus on developing effective detection algorithms.
Response
- Metasploit - A tool for developing and executing exploit code against a remote target machine. AI can be used to automate the selection of exploits and optimize the attack vectors based on target vulnerabilities.
- PentestGPT - PentestGPT provides advanced AI and integrated tools to help security teams conduct comprehensive penetration tests effortlessly. Scan, exploit, and analyze web applications, networks, and cloud environments with ease and precision, without needing expert skills.
- Cortex - A powerful and flexible observable analysis and active response engine. AI can be used in Cortex to automate the analysis of observables and enhance threat detection capabilities.
Monitoring/Scanning
- Burp Suite - A leading range of cybersecurity tools, brought to you by PortSwigger. Burp Suite can integrate AI to automate vulnerability detection and improve the efficiency of web application security testing.
- Nikto - An open-source web server scanner which performs comprehensive tests against web servers for multiple items. AI can help Nikto by automating the identification of complex vulnerabilities and enhancing detection accuracy.
- MISP - Open source threat intelligence platform for gathering, sharing, storing, and correlating Indicators of Compromise (IoCs). AI can enhance the efficiency of threat detection and response by automating data analysis and correlation.
Tutorials and Guides
- Machine learning approaches to IoT security - A systematic literature review
- Review - machine learning techniques applied to cybersecurity
- Cybersecurity data science - an overview from machine learning perspective
- AI infosec - first strikes, zero-day markets, hardware supply chains, adoption barriers
- AI Safety in a World of Vulnerable Machine Learning Systems
- IBM Cybersecurity Analyst - Get ready to launch your career in cybersecurity. Build job-ready skills for an in-demand role in the field, no degree or prior experience required.
Securing AI SaaS
Case Studies
- Microsoft AI Security - Case studies on securing AI applications in SaaS environments. These case studies demonstrate how AI can be used to enhance security and protect against evolving threats.
- Google AI Security - Insights and case studies from Google on how to secure AI applications in the cloud.
Best Practices
- NIST AI RMF - A framework for managing risks associated with AI in SaaS. It provides guidelines on how to implement AI securely, focusing on risk assessment, mitigation, and governance.
Tools
Network Protection
- A Survey of Network Anomaly Detection Techniques - Discusses various techniques and methods for detecting anomalies in network traffic.
- Machine Learning Techniques for Intrusion Detection - A comprehensive survey on various ML techniques used for intrusion detection.
- Shallow and Deep Networks Intrusion Detection System - A Taxonomy and Survey - A taxonomy and survey of shallow and deep learning techniques for intrusion detection.
- A Taxonomy and Survey of Intrusion Detection System Design Techniques, Network Threats and Datasets - An in-depth review of IDS design techniques and relevant datasets.
Application Security
- Adaptively Detecting Malicious Queries in Web Attacks - Proposes methods for detecting malicious web queries.
- garak - NVIDIA LLM vulnerability scanner.
User Behavior Analysis
- Detecting Anomalous User Behavior Using an Extended Isolation Forest Algorithm - Discusses an extended isolation forest algorithm for detecting anomalous user behavior.
Process Behavior (Fraud Detection)
- A Survey of Credit Card Fraud Detection Techniques - A survey on various techniques for credit card fraud detection.
- Anomaly Detection in Industrial Control Systems Using CNNs - Discusses the use of convolutional neural networks for anomaly detection in industrial control systems.
Books & Survey Papers
- Machine Learning and Security - Discusses the application of machine learning in security.
- Malware Data Science - Covers data science techniques for malware analysis.
- AI for Cybersecurity - A Handbook of Use Cases - A handbook on various use cases of AI in cybersecurity.
- Deep Learning Algorithms for Cybersecurity Applications - A Technological and Status Review - Reviews the state of deep learning algorithms in cybersecurity applications.
Offensive Tools and Frameworks
- DeepFool - A method to fool deep neural networks.
- Snaike-MLflow - A suite of red team tools for MLflow.
- HackGPT - A tool leveraging ChatGPT for hacking purposes.
- HackingBuddyGPT - An automated penetration tester.
- Charcuterie - Code execution techniques for machine learning libraries.
- garak - A security probing tool for large language models (LLMs).
- Deep-pwning - A lightweight framework for evaluating machine learning model robustness against adversarial attacks.
- Counterfit - An automation layer for assessing the security of machine learning systems.
Adversarial Tools
- Exploring the Space of Adversarial Images - A tool to experiment with adversarial images.
- Adversarial Machine Learning Library (Ad-lib) - A game-theoretic library for adversarial machine learning.
- EasyEdit - A tool to modify the ground truths of large language models (LLMs).
Poisoning Tools
- BadDiffusion - Official repository to reproduce the paper "How to Backdoor Diffusion Models?" published at CVPR 2023.
Privacy Tools
- PrivacyRaven - A privacy testing library for deep learning systems.
Defensive Tools and Frameworks
- langkit - A toolkit for monitoring language models and detecting attacks.
- Python Differential Privacy Library - A library for implementing differential privacy.
- Diffprivlib - IBM's differential privacy library.
- Cloaked AI - Open source property-preserving encryption for vector embeddings.
- ProtectAI's model scanner - A security scanner for detecting suspicious actions in serialized ML models.
- StringSifter - A tool that ranks strings based on their relevance for malware analysis.
- PLOT4ai - A threat modeling library for building responsible AI.
- Guardrail.ai - A Python package to add structure, type, and quality guarantees to the outputs of large language models (LLMs).
- TenSEAL - A library for performing homomorphic encryption operations on tensors.
- SyMPC - A secure multiparty computation library.
- PyVertical - Privacy-preserving vertical federated learning.
Endpoint Protection
- Deep Learning at the Shallow End - Malware Classification for Non-Domain Experts - Discusses deep learning techniques for malware classification.
- Malware Detection by Eating a Whole EXE - Presents a method for detecting malware by analyzing entire executable files.
Intrusion Detection and Prevention Systems (IDS/IPS)
- Next-Generation Intrusion Detection Systems - Discusses advancements in intrusion detection systems.
Theoretical Resources
Uncategorized Useful Resources
- NIST AIRC - NIST Trustworthy & Responsible AI Resource Center.
- The MLSecOps Top 10 - Top 10 security practices for machine learning operations.
- OWASP ML TOP 10 - The top 10 machine learning security risks identified by OWASP.
- OWASP LLM TOP 10 - The top 10 security risks for large language models as identified by OWASP.
- OWASP AI Security and Privacy Guide - A guide to securing AI systems and ensuring privacy.
- OWASP WrongSecrets LLM exercise - An exercise for testing AI model security.
- ENISA Multilayer Framework for Good Cybersecurity Practices for AI - A framework for good cybersecurity practices in AI.
Research Papers
- Robust Physical-World Attacks on Deep Learning Models - Examines physical-world attacks on deep learning models.
- The Space of Transferable Adversarial Examples - Discusses transferable adversarial examples in deep learning.
- High Dimensional Spaces, Deep Learning and Adversarial Examples - Discusses the challenges of adversarial examples in high-dimensional spaces.
- Adversarial Task Allocation - Explores adversarial task allocation in machine learning systems.
Resources for Learning
- MLSecOps podcast - A podcast dedicated to the intersection of machine learning and security operations.
13. Research Papers
Adversarial Examples and Attacks
- RHMD: Evasion-Resilient Hardware Malware Detectors - Hardware-based malware detectors resilient to evasion.
- Generic Black-Box End-to-End Attack against RNNs and Other API Calls Based Malware Classifiers - Black-box attacks on RNNs and malware classifiers.
- Vulnerability of Deep Reinforcement Learning to Policy Induction Attacks
- Can you fool AI with adversarial examples on a visual Turing test?
- Explaining and Harnessing Adversarial Examples
- Delving into Adversarial Attacks on Deep Policies
- Crafting Adversarial Input Sequences for Recurrent Neural Networks
- Practical Black-Box Attacks against Machine Learning - Black-box attacks on machine learning models.
- Data Driven Exploratory Attacks on Black Box Classifiers in Adversarial Domains - Data-driven attacks on black-box classifiers.
- Generating Adversarial Malware Examples for Black-Box Attacks Based on GAN
- Fast Feature Fool: A Data-Independent Approach to Universal Adversarial Perturbations
- Simple Black-Box Adversarial Perturbations for Deep Networks - Simple black-box adversarial perturbations.
- Wild Patterns: Ten Years After the Rise of Adversarial Machine Learning
- One Pixel Attack for Fooling Deep Neural Networks - A one-pixel modification can fool deep neural networks.
- FedMLSecurity: A Benchmark for Attacks and Defenses in Federated Learning and LLMs
- Jailbroken: How Does LLM Safety Training Fail?
- Bad Characters: Imperceptible NLP Attacks
- Universal and Transferable Adversarial Attacks on Aligned Language Models
- Exploring the Vulnerability of Natural Language Processing Models via Universal Adversarial Texts
- Adversarial Examples Are Not Bugs, They Are Features
- Adversarial Attacks on Tables with Entity Swap
- Here Comes the AI Worm: Unleashing Zero-click Worms that Target GenAI-Powered Applications - Zero-click worms targeting GenAI-powered applications.
Evasion
- Looking at the Bag is not Enough to Find the Bomb: An Evasion of Structural Methods for Malicious PDF Files Detection
- Adversarial Demonstration Attacks on Large Language Models
- Adversarial Generative Nets: Neural Network Attacks on State-of-the-Art Face Recognition
- Query Strategies for Evading Convex-Inducing Classifiers - Query strategies for evading convex-inducing classifiers.
- Adversarial Prompting for Black Box Foundation Models