Skip to content

YuvalSchwartz/llm-cloud-hunter

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
evaluation
evaluation
 
 
ground_truth
ground_truth
 
 
output
output
 
 
prompts
prompts
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
criticality_classifier.py
criticality_classifier.py
 
 
downloader.py
downloader.py
 
 
evaluator.py
evaluator.py
 
 
events_remover.py
events_remover.py
 
 
explicit_api_call_extractor.py
explicit_api_call_extractor.py
 
 
image_analyzer.py
image_analyzer.py
 
 
image_classifier.py
image_classifier.py
 
 
image_transcriber.py
image_transcriber.py
 
 
implicit_api_call_extractor.py
implicit_api_call_extractor.py
 
 
ioc_extractor.py
ioc_extractor.py
 
 
llm_cloud_hunter.py
llm_cloud_hunter.py
 
 
main.py
main.py
 
 
new_architectures.drawio
new_architectures.drawio
 
 
oscti_level_processor.py
oscti_level_processor.py
 
 
paragraph_level_processor.py
paragraph_level_processor.py
 
 
parser.py
parser.py
 
 
preprocessor.py
preprocessor.py
 
 
requirements.txt
requirements.txt
 
 
rule_generator.py
rule_generator.py
 
 
rule_optimizer.py
rule_optimizer.py
 
 
rule_selector.py
rule_selector.py
 
 
ttp_classifier.py
ttp_classifier.py
 
 
utils.py
utils.py
 
 

Repository files navigation

LLM Cloud Hunter

License: MIT

Running instructrions

To run LLM-Cloud-Hunter, use the main.py file. Add url's of new OSCTI to the urls list

Example:

if __name__ == '__main__':
    urls = []
    urls.append('https://sysdig.com/blog/cloud-breach-terraform-data-theft/')

Output:

In the folder output, using the name of the OSCTI,

📄 Citation and DOI

If you use this repository, please cite it using the following DOI:

DOI

📑 Citation (BibTeX)

For citing the artifact, use:

@article{schwartz2024llmcloudhunter,
  title={Llmcloudhunter: Harnessing llms for automated extraction of detection rules from cloud-based cti},
  author={Schwartz, Yuval and Benshimol, Lavi and Mimran, Dudu and Elovici, Yuval and Shabtai, Asaf},
  journal={arXiv preprint arXiv:2407.05194},
  year={2024}
}

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity

Stars

15 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases 1

First Official Release for The Web Conference 2025 Latest
Feb 17, 2025

Packages

No packages published

Contributors 2

  •  
  •  

Languages