david/gensec-westgate-djw2
Archived
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update some comments

Browse Source
This commit is contained in:
David Westgate 2024-06-15 03:07:31 -07:00
parent 9f75456b7c
commit 2780161dbe
2 changed files with 13 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
final/README.md
View File

@ -19,7 +19,7 @@ python3 app.py
```
## Example tests
*Give a summary of network traffic on my ethernet adapter*
*Summarize, and then describe in text the network traffic on my ethernet adapter*
*Based on ethernet traffic, what applications might I be running*

22
final/tools.py
View File

@ -14,7 +14,7 @@ from scapy.layers.inet import IP, TCP, UDP, Packet, PacketList
shell_tool = ShellTool()
"""
The tools here use a combination of different mechanisms to perform, but all serve to assist with network analysis.
"""
@ -22,8 +22,6 @@ class TCPDump(BaseModel):
interface: str = Field(
description="""The name of the interface to use with tcpdump. May be 'any'"""
)
@tool(
"Perform packet capture on a particular network interface using tcpdump. This will return a pcap file which can be analyzed by other tools",
args_schema=TCPDump,
@ -43,15 +41,15 @@ def tcp_dump(interface: str) -> str:
filtered: str = filter_unique_packets(file_name)
return filtered
"""
This tool attempts to wrap the network summary, in a prompt with some context before sending it off to Dall-e
"""
class Image(BaseModel):
params: str = Field(
description="""A structured text summary of netowrk information or topology"""
)
@tool(
"Create an image of a network. This tool must take as input a summary of packet information, and not a file name. If necessary, condense input to 900 characters or less",
"Create a visual image of a network. This tool must take as input a summary of packet information, and not a file name. If necessary, condense input to 900 characters or less",
args_schema=Image,
return_direct=False,
)
@ -90,7 +88,9 @@ def pcap_summary(file: str) -> str:
return stdout_capture.getvalue()
# From hw6
"""
Tool borrowed from hw6 wifi cracking
"""
class Iwconfig(BaseModel):
params: str = Field(
description="should be command line parameters to 'iwconfig'. If none are needed, this should be left as an empty string"
@ -105,7 +105,7 @@ def get_adapter_interface(params: str) -> str:
res = shell_tool.run({"commands": [f"iwconfig {params}"]})
return res
""" Src: https://github.com/wu4f/cs410g-src/blob/main/09_ThreatIntelligence/01_net_int.py """"
@tool
def ip_loc(address):
"""Get information from an ip address, including geolocation. Takes as a paramater an ip address. Do not use this tool with IP adresses in a reserve range or on LAN"""
@ -116,7 +116,9 @@ def ip_loc(address):
return response.json()
# Filter 'unique' (src,dest,protocol) packets from a pcap file with scapy. Save this as a new capture file and return the name
""" Filter 'unique' (src,dest,protocol) packets from a pcap file with scapy. Save this as a new capture file and return the name
This is necessary to limit input sizes to LLMs
"""
def filter_unique_packets(pcap_file: str) -> str:
packets = rdpcap(pcap_file)
unique_packets = set()