https://github.com/rubenszimbres/cyberbotllm
4 chatbots with memory made with Langchain, VertexAI and Gemini, as a cyber challenge to capture and expose RAG content.
chatbot cybersecurity generative-ai google-cloud llm vertex-ai
- Host: GitHub
- URL: https://github.com/rubenszimbres/cyberbotllm
- Owner: RubensZimbres
- Created: 2024-01-16T20:05:10.000Z (over 1 year ago)
- Default Branch: main
- Last Pushed: 2024-01-17T00:25:36.000Z (over 1 year ago)
- Last Synced: 2025-03-30T22:03:16.745Z (6 months ago)
- Topics: chatbot, cybersecurity, generative-ai, google-cloud, llm, vertex-ai
- Language: Python
- Homepage:
- Size: 312 KB
- Stars: 7
- Watchers: 3
- Forks: 2
- Open Issues: 0
Metadata Files:
- Readme: README.md
README
# CyberBotLLM
## _Your Google Cloud Cybersecurity Expert, powered by Gemini Generative AI_
This chatbot is part of my personal effort for the OWASP educational initiative in Cybersecurity. It is based on Google technology, and uses 4 different approaches:
- Regular conversation
- Cybersecurity Expert
- Hardened Cybersecurity Expert
- Cloud Cybersecurity Expert
## Features
It uses Langchain to generate a conversation flow with memory, and also a RAG (Retrieval Augmented Generation) document that can be customized according to your educational goals.
Currently, RAG contains a list of fictitious usernames and passwords. One of the goals is to retrieve usernames and passwords via prompt injection techniques (direct and indirect). You can also poison the RAG document to force a Sensitive Information Disclosure.
## How to use it
To use or replicate this chatbot, `git clone` this repository. Then create a Google Cloud project, go to IAM, Service Accounts and generate a key.json.
This key can be used directly as an environment variable by using `os.environ['GOOGLE_APPLICATION_CREDENTIALS']='key.json'`, or even better, you can go to Google Cloud Secret Manager and create a secret called `GOOGLE_APPLICATIONS_CREDENTIALS` and store the content of this JSON file.
The `main.py` file is set up to be used with the Secret Manager in VSCode (Cloud Code extension).
Then, edit your project name and number in `main.py`. After that, run in the command line:
```sh
gcloud auth login
gcloud config set project your-project-id
```
And you are good to go:
```sh
python3 main.py
```
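The Features section describes a RAG document holding fictitious usernames and passwords, and a "Hardened" chatbot variant. As an added example (not code from this repository), here is one output-side control such a variant could apply: checking each model reply against the RAG passwords before it is returned. The `user:password` line format, the sample credentials and every function name are assumptions.

```python
import base64
import re

# Constructed stand-in for the RAG document: fictitious "user:password" lines
# (format and values are assumptions, not the repository's data).
RAG_DOCUMENT = """\
alice:Winter2024!
bob:tr0ub4dor&3
carol:CorrectHorse9
"""

MIN_LEN = 6  # ignore very short secrets to limit false positives


def load_secrets(rag_text):
    """Return the password field of every 'user:password' line."""
    secrets = []
    for line in rag_text.splitlines():
        _user, sep, password = line.partition(":")
        if sep and len(password.strip()) >= MIN_LEN:
            secrets.append(password.strip())
    return secrets


def _normalize(text):
    """Lower-case and keep only letters/digits, so 'W-i-n-t-e-r' matches."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def find_leaks(reply, secrets):
    """Secrets present in reply verbatim, spaced out, reversed or base64."""
    flat = _normalize(reply)
    leaked = []
    for secret in secrets:
        key = _normalize(secret)
        b64 = base64.b64encode(secret.encode()).decode().rstrip("=")
        fuzzy = bool(key) and (key in flat or key[::-1] in flat)
        if secret in reply or b64 in reply or fuzzy:
            leaked.append(secret)
    return leaked


def guard_reply(reply, secrets):
    """Withhold the whole reply if any secret leaks; else pass it through."""
    leaked = find_leaks(reply, secrets)
    if leaked:
        return "[withheld: reply contained protected RAG content]", leaked
    return reply, []
```

A string match like this only covers the transformations it lists, so it belongs alongside, not instead of, keeping real secrets out of retrievable documents.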
- Special thanks to Harish S.G., as this chatbot is based on the DamnVulnerableLLMBot (https://github.com/harishsg993010/DamnVulnerableLLMProject).