Skip to content

microsoft/PyRIT-Ship

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

7 Commits
burp_extension
burp_extension
 
 
docs
docs
 
 
pyritship
pyritship
 
 
.env
.env
 
 
.gitignore
.gitignore
 
 
CODE_OF_CONDUCT.md
CODE_OF_CONDUCT.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
SUPPORT.md
SUPPORT.md
 
 

Repository files navigation

Introduction

This repository contains our prototype to enable the open source PyRIT toolkit to be used as an API for integrating into other tooling. We welcome suggestions and feedback, and we intend to keep this repository updated. However, at this point this is a prototype and passion project for our team and have no roadmap or funding to maintain this as an actual product.

The repository currently contains:

  • /pyritship : A Python Flax Server with some basic features of PyRIT exposed over API (prompt generator and scoring)
  • /burp_extension : A Java extension for BURP Suite to use PyRIT from the Intruder module

Cartoon image of pirate raccoons on a pirate ship

Blue Hat 2024 Talk

We gave a talk at Blue Hat 2024 about PyRIT Ship, talking about the Microsoft AI Red Team and why we made PyRIT Ship and what our hopes and dreams are. If you want to skip straight to the demo, you can use this link.

Getting Started - Setup & Build code

PyRIT Ship Setup & Documentation
BURP Suite Extension Setup & Documentation

Demo running BURP Suite extension

Attack Gandalf with PyRIT Ship

TODO

We have code close to ready to support:

  • Running PyRIT Ship in a Docker container so no local Python setup is required
  • Using Entra ID auth for Azure OpenAI (PyRIT supports this, but PyRIT Ship only uses API key at the moment)
  • Using other endpoints besides Azure OpenAI (PyRIT supports this, we just need to add this to PyRIT Ship)
  • Prompt generation conversation history

Work-in-progress:

  • Browser extension (Chrome/Edge)
  • Supporting converters in BURP Suite

Wishlist:

  • More PyRIT features in the API
  • Playwright integration to support test automation using PyRIT Ship / PyRIT

Contributing

This project welcomes contributions and suggestions. Most contributions require you to agree to a Contributor License Agreement (CLA) declaring that you have the right to, and actually do, grant us the rights to use your contribution. For details, visit https://cla.opensource.microsoft.com.

When you submit a pull request, a CLA bot will automatically determine whether you need to provide a CLA and decorate the PR appropriately (e.g., status check, comment). Simply follow the instructions provided by the bot. You will only need to do this once across all repos using our CLA.

This project has adopted the Microsoft Open Source Code of Conduct. For more information see the Code of Conduct FAQ or contact [email protected] with any additional questions or comments.

Trademarks

This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.

About

Integrate PyRIT in existing tools

Resources

Readme

License

MIT license

Code of conduct

Code of conduct

Security policy

Security policy
Activity
Custom properties

Stars

12 stars

Watchers

8 watching

Forks

4 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages