Conocer offers the perfect solution for:
- Web App Pentesters: Security test GenAI Chatbots, Assistants, and Agents.
- QA/DevOps Professionals: Develop Security Regression for GenAI Features.
Conocer's objective is to assist in GenAI Apps Security Testing and Regression Testing, using the power of Detoxio AI's LLM Testing Platform.
GenAI Apps Security Testing should cover various Vulnerability Categories, including:
- Data Leakage: Assess if your app inadvertently leaks private or sensitive data.
- Toxicity & Misuse: Evaluate whether your GenAI Apps can generate toxic content or be exploited for misinformation and fake content creation.
- Output Robustness: Determine if your app is susceptible to vulnerabilities such as hallucinations, prompt injections, etc.
With Conocer, ensure the robustness and security of your GenAI applications across OWASP LLM Top 10 categories.
Install using pip
pip install conocer@git+https://github.com/safedep/conocer@main \
detoxio-api-protocolbuffers-python detoxio_api_grpc_python \
--upgrade --extra-index-url https://buf.build/gen/python
Clone and install Conocer
git clone https://github.com/safedep/conocer.git
cd conocer
poetry install
In order to assist in crawling GenAI web app features testing, setup playwright
playwright install
Various browsers should be installed including Chromium. Ignore the error at the end
It works as follows:
- Run
python conocer/main.py webapps <>
to start crawling web applications. - Open a browser window and insert
[FUZZ]
or[CONOCER]
in relevant text areas. - Close the browser after recording interactions.
- Tool automatically fuzzes requests using recorded prompts.
- Generate report summarizing fuzzing results.
- Report can be printed to console or saved for further analysis.
Quick Start
Specify the Detoxio API Key. More information here on API Docs
export DETOXIO_API_KEY=xxxx
Run it
poetry run conocer webapps <URL>
Record a Crawling Session
conocer webapps <URL> -s session.har --skip_testing
cat session.har | grep [FUZZ] | wc -l
The above command will open the browser. Specify the Fuzzing Marker [FUZZ] in a chat box. Close the browser window to save the session
Just Test using Recorded Session
conocer webapps <URL> -s session.har --skip_crawling --markdown report.md --json report.json
No Browser will open. Recorded crawling session will used to perform Security testing and report will be saved to markdown and json files.
Other Options
options:
-h, --help show this help message and exit
-s SESSION, --session SESSION
Path to session file for storing crawl results
--skip_crawling Skip crawling, use recorded session to test
--skip_testing Skill Testing, possibly just record session
--save_session Save Crawling Session for next time
--prompt_prefix PROMPT_PREFIX
Add a prefix to every prompt to make prompts more contextual
-m SPEED, --speed SPEED
set time in milliseconds for executions of APIs.
-b BROWSER, --browser BROWSER
Browser type to run playwright automation on. Allowed values are Webkit, Firefox and Chromium.
--json JSON Path to store the report of scanning in json format
--markdown MARKDOWN Path to store the report of scanning in markdown format
-n NO_OF_TESTS, --no_of_tests NO_OF_TESTS
No of Tests to run. Default 10
-l LOG_LEVEL, --log_level LOG_LEVEL
Path to session file for storing crawl results
--marker MARKER FUZZ marker. By Default, the tool will detect any of these markers: [[FUZZ]] [FUZZ] FUZZ <<FUZZ>>
[[CONOCER]] [CONOCER] CONOCER <<CONOCER>>
# Example usage code for DetoxioModelDynamicScanner
# Assuming you have already imported the necessary modules and classes
from conocer.scanner import DetoxioModelDynamicScanner
def example_usage():
# Provide your API key or set it as an environment variable
api_key = ''
# Create an instance of DetoxioModelDynamicScanner using a context manager
scanner = DetoxioModelDynamicScanner(api_key=api_key)
with scanner.new_session() as session:
# Generate prompts
prompt_generator = session.generate(count=5)
for prompt in prompt_generator:
print(f"Generated Prompt: {prompt}")
# Simulate model output
model_output_text = "This is a simulated model response."
# Evaluate the model interaction
evaluation_response = session.evaluate(prompt, model_output_text)
# Print the evaluation response
print(f"Evaluation: {session.get_report().as_dict()}")
if __name__ == "__main__":
example_usage()
- Description: This feature involves crawling web applications with the assistance of a human. Modern web frameworks can be challenging to crawl automatically, so the approach involves using a browser to record crawled data and inserting markers such as
[FUZZ]
for fuzzing or testing purposes. - Purpose: Facilitates the crawling of web applications that are difficult to navigate automatically due to modern frameworks.
- Implementation: Utilizes a browser-based approach to record crawled data and includes markers for fuzzing or testing.
- Description: This feature involves generating various prompts, sending them to a GenAI Chatbot, collecting responses, and evaluating the responses. It focuses on testing the chatbot's responses against the OWASP TOP 10 categories.
- Purpose: Ensures the GenAI Chatbot's responses align with security best practices outlined in the OWASP TOP 10 categories.
- Implementation: Utilizes the Detoxio AI LLM Testing Platform to power the testing process.
- Description: This feature involves saving crawled sessions and running tests as part of the DevOps regression testing process. It focuses on regression security testing of GenAI Chatbots.
- Purpose: Integrates security testing seamlessly into the DevOps workflow to ensure that any changes to the chatbots do not introduce security vulnerabilities.
- Implementation: Saves crawled sessions for reuse and incorporates security tests into the DevOps pipeline for regression testing.
Follow features are used from Detoxio SDK and APIs Read API Docs for more details
-
Prompt Generation: Generate toxic prompts using the Testing Platform.
-
Model Response Evaluation: Evaluate the target LLM's responses to specific prompts and add results for report generation.
-
Toxic Categories Evaluated:
- Threat Class: Toxicity, Threat Categories: Hate Speech, Harassment, Bullying, Profanity, Sexual Assault
- Malicious Use Categories: Malware Generation, Weaponization, Fraud, Phishing, Theft, Violence, Crime, CBRN
We are using Playwrite to record Crawled data
This project is distributed under the Apache License, Version 2.0. See the LICENSE file for details.
© Detoxio