-
Home
-
Password Checker
-
Phishing Detector
-
Phishing Email Creator
-
Code Analyzer
-
Report Generator
Inspiration
We were inspired by the two sub-challenges, Cybersecurity and Education. We decided to combine the two and create an amalgamation of tools that are easy to use, and that can be used for both training and information purposes, as well as for automating tasks that are routine for a cybersecurity analyst.
What it does
Our application offers four distinct services, all of which are using ChatGPT in someway or another. The four services can be summarized as follows: A phishing email generator, a phishing email analyser, a code security analyser that offers corrections and suggestions based on best practices, and a password analyser that informs the user of the strength of their password, and suggests either a stronger password or suggestions to the user on how the user can make one that is stronger and consistent with the best security practices.
How we built it
The core of the application was the generative AI known as ChatGPT, version 3.5. The website itself, acting as an interface between the user and ChatGPT, was made with Angular JS, a front end framework, and the entire business logic was coded in typescript. By virtue of being an elaborate middleman between the user and ChatGPT, the application didn't require any persistence, which eliminated the need for a database or a proper backend for now.
Challenges we ran into
ChatGPT is a very powerful tool. However, it still has enormous drawbacks. It is prone to hallucinate, also known as making things up, as well as not properly answering the question or performing the task that was asked of it. Those circumstances made it so that a large part of the time and effort was spent on creating strict guidelines surrounding the used prompts, as well as extensive testing of its capabilities, all in order to minimize as much as possible the probability of a wrong or useless answer.
Accomplishments that we're proud of
After a great time and effort spent on engineering queries to ChatGPT, we have created the best phishing email generator in the open-source community. It's capable of generating very convincing phishing emails, regardless of the attributes input by the user. It also has a very high reliability, not having given a single nonsensical answer in over six hours of testing.
What we learned
This was the biggest AI project that our team has ever worked on, which means that we learned a lot on how to use ChatGPT very effectively for very specific tasks, especially for cybersecurity-related requests. The entire team has become imposingly proficient in its use, which directly translates to possessing very useful skills for other competitions, personal work or projects, as well as job opportunities in an ever-expanding field of work.
What's next for Beginner Enterprise Security Toolkit
The application was made with the fact that it will only be running locally in mind. Any large-scale deployment of the application, in order to make it available to the public, would require expensive implementation of security features to make it a lot less vulnerable to exploitation. After that, our course of action will be to add more features related to cybersecurity services that don't require an AI to use and that will be relevant to the cybersecurity community and those who seek to join it.
Log in or sign up for Devpost to join the conversation.