ipa-lab / hackingBuddyGPT

Helping Ethical Hackers use LLMs in 50 Lines of Code or less..
https://hackingbuddy.ai/
MIT License
450 stars 56 forks source link

If I want to do the web-pentest,what should I do? #86

Open ForeverYuika opened 2 months ago

ForeverYuika commented 2 months ago

I am using a locally deployed LLM — the llama3:8b model downloaded via Ollama. Currently, I can successfully perform privilege escalation attacks using the following command.

wintermute minimal_linux_privesc --llm.api_key="dummy_key" --llm.api_url="xxxx" --llm.model="llama3:8b" --llm.context_size=4096 --conn.host=xxxx --conn.username=xxxx --conn.password=xxxx --conn.hostname=xxxx

However, I'm not sure how to proceed with web penetration testing.