New Titanium Cloud Service has shared 760 technical articles for you
On a daily basis, security personnel may be involved in a wide variety of security tasks, including but not limited to:
Develop plug-ins for certain security tools to meet your own specific security needs;
Customize the github search tool to quickly find the required security information, vulnerability poc, exp, etc.;
Retrieve the latest security vulnerability information for a specific application so that security countermeasures can be taken in a timely manner;
Analyze and summarize various security reports to discover security loopholes and potential risks in the system.
In order to improve the work efficiency of the daily security matters mentioned above, we can use advanced artificial intelligence tools, such as chatGPT, bard, claude , etc.
These tools have powerful natural language processing capabilities and intelligent search functions. By entering appropriate prompt words, they can quickly obtain the required security-related information and provide security personnel with accurate suggestions and solutions.
With proficient use of these tools, security personnel can perform security work more quickly, reduce tedious manual operations, and focus on analyzing and solving complex security issues. At the same time, these tools can also assist security personnel to understand security threats and vulnerabilities more comprehensively, and improve the protection level of system security.
Below we will give examples to illustrate how AIG C tools can help security personnel quickly achieve their work goals in the above four security work scenarios . Of course, the final results still need to be fine-tuned, but they can basically meet the needs.
01
via chatgpt
Write a simple plugin for burpsuite
Screenshot of plugin successfully loaded
The plug-in successfully detected the server-side message of the website
Summarize
Through several simple conversations, chatGPT3.5 quickly realized the required functions, and corrected various errors related to the operation of the code, which can be regarded as a relatively perfect result.
02
via chat GPT
Write a github search tool
Successful execution: python github_search.py "chatgpt"
Summarize
The initial code provided this time is fully operational, and only some simple requirements have been modified later, and the expected goal has been basically achieved.
03
Search for security vulnerability information,
Such as Jenkins vulnerability
Search results via bard.google.com: the time range is accurate, but there are errors, unwilling to give the search basis
Search results through claude.ai: did not meet the time requirements, and gave the channel information for searching for vulnerabilities
Summarize
The same prompt, different AIGC tools, in some professional issues, the output results are quite different;
So far (or when AIGC is not so mature), multiple AIGC tools can be cross-used, just like we use multiple vulnerability scanning tools to compare with each other;
Feels like Bard's search results could be more accurate despite false positives, didn't test in depth;
In terms of humanized dialogue, comfort of use, and meeting expectations, etc., it is more inclined to claude;
04
Security report analysis, test claude
Analysis of vulnerability scan reports, as expected
Upload vulnerability scan report
Summarize
Clauded can analyze uploaded files, and it is free, very good;
Bard does not currently support uploading files;
recommended reading
recommended video