新建网站怎样绑定域名,互联网大厂一般指哪些公司,免费域名怎么申请,c2c网站设计关于Galah
Galah是一款功能强大的Web蜜罐#xff0c;该工具由LLM大语言模型驱动#xff0c;基于OpenAI API实现其功能。
很多传统的蜜罐系统会模拟一种包含了大量网络应用程序的网络系统#xff0c;但这种方法非常繁琐#xff0c;而且有其固有的局限性。Galah则不同…关于Galah
Galah是一款功能强大的Web蜜罐该工具由LLM大语言模型驱动基于OpenAI API实现其功能。
很多传统的蜜罐系统会模拟一种包含了大量网络应用程序的网络系统但这种方法非常繁琐而且有其固有的局限性。Galah则不同Galah使用了完全不同的技术路线利用了LLM大语言模型作为驱动引擎外加OpenAI的加成支持处理传入的HTTP请求并能够动态实时构建真实的响应数据以对抗威胁行为者。 工具要求 Go v1.20 工具下载
由于该工具基于Go语言开发因此我们首先需要在本地设备上安装并配置好Go v1.20环境。
接下来点击【这里】创建你的OpenAI API密钥。如果你想要使用HTTPS的话别忘了生成TLS证书。
配置完成之后广大研究人员可以直接使用下列命令将该项目源码克隆至本地
git clone gitgithub.com:0x4D31/galah.git
然后使用下列命令切换到项目目录中并安装该工具所需的全部依赖组件
cd galahgo mod downloadgo build ./galah -i en0 -v
响应样例
样例1
% curl http://localhost:8080/login.php!DOCTYPE htmlhtmlheadtitleLogin Page/title/headbodyform action/submit.php methodpostlabel forunamebUsername:/b/labelbrinput typetext placeholderEnter Username nameuname requiredbrlabel forpswbPassword:/b/labelbrinput typepassword placeholderEnter Password namepsw requiredbrbutton typesubmitLogin/button/form/body/html
JSON日志记录
{timestamp:2024-01-01T05:38:08.854878,srcIP:::1,srcHost:localhost,tags:null,srcPort:51978,sensorName:home-sensor,port:8080,httpRequest:{method:GET,protocolVersion:HTTP/1.1,request:/login.php,userAgent:curl/7.71.1,headers:User-Agent: [curl/7.71.1], Accept: [*/*],headersSorted:Accept,User-Agent,headersSortedSha256:cf69e186169279bd51769f29d122b07f1f9b7e51bf119c340b66fbd2a1128bc9,body:,bodySha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855},httpResponse:{headers:{Content-Type:text/html,Server:Apache/2.4.38},body:\u003c!DOCTYPE html\u003e\u003chtml\u003e\u003chead\u003e\u003ctitle\u003eLogin Page\u003c/title\u003e\u003c/head\u003e\u003cbody\u003e\u003cform action/submit.php methodpost\u003e\u003clabel foruname\u003e\u003cb\u003eUsername:\u003c/b\u003e\u003c/label\u003e\u003cbr\u003e\u003cinput typetext placeholderEnter Username nameuname required\u003e\u003cbr\u003e\u003clabel forpsw\u003e\u003cb\u003ePassword:\u003c/b\u003e\u003c/label\u003e\u003cbr\u003e\u003cinput typepassword placeholderEnter Password namepsw required\u003e\u003cbr\u003e\u003cbutton typesubmit\u003eLogin\u003c/button\u003e\u003c/form\u003e\u003c/body\u003e\u003c/html\u003e}}
样例2
% curl http://localhost:8080/.aws/credentials[default]aws_access_key_id AKIAIOSFODNN7EXAMPLEaws_secret_access_key wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEYregion us-west-2
JSON日志记录
{timestamp:2024-01-01T05:40:34.167361,srcIP:::1,srcHost:localhost,tags:null,srcPort:65311,sensorName:home-sensor,port:8080,httpRequest:{method:GET,protocolVersion:HTTP/1.1,request:/.aws/credentials,userAgent:curl/7.71.1,headers:User-Agent: [curl/7.71.1], Accept: [*/*],headersSorted:Accept,User-Agent,headersSortedSha256:cf69e186169279bd51769f29d122b07f1f9b7e51bf119c340b66fbd2a1128bc9,body:,bodySha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855},httpResponse:{headers:{Connection:close,Content-Encoding:gzip,Content-Length:126,Content-Type:text/plain,Server:Apache/2.4.51 (Unix)},body:[default]\naws_access_key_id AKIAIOSFODNN7EXAMPLE\naws_secret_access_key wJalrXUtnFEMI/K7MDENG/bPxRfiCYEXAMPLEKEY\nregion us-west-2}}
样例3
% curl http://localhost:8888/are-you-a-honeypotNo, I am a server.
JSON日志记录
{timestamp:2024-01-01T05:50:43.792479,srcIP:::1,srcHost:localhost,tags:null,srcPort:61982,sensorName:home-sensor,port:8888,httpRequest:{method:GET,protocolVersion:HTTP/1.1,request:/are-you-a-honeypot,userAgent:curl/7.71.1,headers:User-Agent: [curl/7.71.1], Accept: [*/*],headersSorted:Accept,User-Agent,headersSortedSha256:cf69e186169279bd51769f29d122b07f1f9b7e51bf119c340b66fbd2a1128bc9,body:,bodySha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855},httpResponse:{headers:{Connection:close,Content-Length:20,Content-Type:text/plain,Server:Apache/2.4.41 (Ubuntu)},body:No, I am a server.}}
样例4
% curl http://localhost:8888/i-mean-are-you-a-fake-serverNo, I am not a fake server.
JSON日志记录
{timestamp:2024-01-01T05:51:40.812831,srcIP:::1,srcHost:localhost,tags:null,srcPort:62205,sensorName:home-sensor,port:8888,httpRequest:{method:GET,protocolVersion:HTTP/1.1,request:/i-mean-are-you-a-fake-server,userAgent:curl/7.71.1,headers:User-Agent: [curl/7.71.1], Accept: [*/*],headersSorted:Accept,User-Agent,headersSortedSha256:cf69e186169279bd51769f29d122b07f1f9b7e51bf119c340b66fbd2a1128bc9,body:,bodySha256:e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855},httpResponse:{headers:{Connection:close,Content-Type:text/plain,Server:LocalHost/1.0},body:No, I am not a fake server.}}
工具运行截图 许可证协议
本项目的开发与发布遵循Apache-2.0开源许可证协议。
项目地址
Galah【GitHub传送门】
参考资料 Macquarie Dictionary https://platform.openai.com/api-keys
