In [2]:
from dotenv import load_dotenv
import os

# Load environment variables from .env file
load_dotenv()

# Now try to set the API key from the environment variable
os.environ['OPENAI_API_KEY'] = os.getenv('OPENAI_KEY')


In [None]:
import openai
import json
from dotenv import load_dotenv
import os

# Load environment variables and set API key
load_dotenv()
openai.api_key = os.getenv('OPENAI_KEY')

def llm_judge_azure_attack_path(attack_path, grading_notes):
    evaluation_prompt = f"""
    You are an expert LLM judge evaluating an Azure-specific cybersecurity attack path.

    **Output evaluate:**
    {attack_path}
    
    **Grading Notes:**
    {grading_notes}
    
    **Instructions:**
    Please evaluate the output of the attack path considering the following specific steps, based on the grading notes provided:

    **Steps in attack path:**

    **Step 1 - Initial Access through VM1 by way of exposed SSH**
    - **Description:** The attacker can gain initial access by brute forcing the SSH port of VM1, which allows traffic on port 22 from any source in the internet.
    - **Weakness:** Exposed SSH port in the internet, which could lead to a compromise if weak credentials are leveraged.

    **Step 2 - Privilege Escalation - The attacker compromises the managed identity assigned to VM1**
    - **Description:** The attacker identifies the managed identity assigned to the VM and can now leverage it for further abuse. The attacker identifies that the managed identity has the “Storage Blob Data Owner" role on a storage account that can be used for data tampering, deletion, and exfiltration.
    - **Weakness:** Over-privileged permission being assigned to a publicly-facing virtual machine.

    **Step 3 - Data Exfiltration - The attacker exfiltrates data from the storage account**
    - **Description:** The attacker leverages the role of the managed identity to exfiltrate data from the storage account.
    - **Weakness:** Over-privileged permission being assigned to a publicly-facing virtual machine.

    **Step 4 - Lateral Movement - Virtual Network Lateral Movement**
    - **Description:** Although no resources could be identified within the virtual network, the attacker can now reach any endpoint within the virtual network and, potentially, perform lateral movement.
    - **Weakness:** Lack of networking segmentation.

    **Evaluation Criteria:**
    1. Clarity of the attack path explanation for each step.
    2. Comprehensiveness of the attack scenarios, ensuring all steps are covered.
    3. Realism of the attack scenarios in reflecting real-world threats.
    4. Identification of key security weaknesses in each step.
    5. Suggested mitigations and recommendations for each identified weakness.
    6. Understanding of security concepts demonstrated in the explanation.

    **How to Structure Your Response:**
    - Provide your assessment in JSON format with the following structure:
    {{
        "Clarity": {{
            "Score": "<Score out of 10>",
            "Feedback": "<Detailed feedback on clarity>"
        }},
        "Comprehensiveness": {{
            "Score": "<Score out of 10>",
            "Feedback": "<Detailed feedback on comprehensiveness>"
        }},
        "Realism": {{
            "Score": "<Score out of 10>",
            "Feedback": "<Detailed feedback on realism>"
        }},
        "SecurityWeaknesses": {{
            "Score": "<Score out of 10>",
            "Feedback": "<Detailed feedback on security weaknesses>"
        }},
        "Mitigations": {{
            "Score": "<Score out of 10>",
            "Feedback": "<Detailed feedback on suggested mitigations>"
        }},
        "SecurityConcepts": {{
            "Score": "<Score out of 10>",
            "Feedback": "<Detailed feedback on understanding of security concepts>"
        }},
        "OverallScore": "<Overall score out of 60>",
        "Summary": "<Brief summary of the overall assessment>"
    }}
    - Ensure your feedback is constructive and provides actionable insights.
    """

    response = openai.ChatCompletion.create(
        model='gpt-4o',
        messages=[
            {"role": "system", "content": "You are an AI judge evaluating Azure-specific cybersecurity attack paths."},
            {"role": "user", "content": evaluation_prompt}
        ],
        temperature=0,
        max_tokens=1000
    )

    return json.loads(response.choices[0].message['content'])



# Grading notes for evaluating the attack path
grading_notes = """
1. Initial Access Point:
   - Assistant Input: How does an attacker initially gain access to the network through VM1?
   - Grading Note: The response should outline specific methods such as exploiting an open SSH port or a remote code execution vulnerability. The response should avoid generalizations and clearly describe how the attacker identifies and exploits the vulnerability.

2. Lateral Movement:
   - Assistant Input: How does the attacker move from VM1 to VM2?
   - Grading Note: The response should detail the process of lateral movement, including the role of VNET peering and network scanning. It should explain the techniques used to access VM2, such as using stolen credentials or exploiting similar vulnerabilities. Avoid assuming direct access without explanation.

3. Entra ID Privilege Escalation:
   - Assistant Input: How does the attacker escalate privileges within Entra ID using the managed identity on VM2?
   - Grading Note: The response should describe how the attacker leverages the Privileged Authentication Admin Role to gain higher-level permissions. It should clearly list the permissions gained and how they are used to escalate control. Avoid overlooking the implications of each permission.

4. Takeover of Global Admin Account:
   - Assistant Input: How does the attacker take control of a Global Admin account and what are the implications?
   - Grading Note: The response should explain the process of resetting the Global Admin's password and MFA, and the subsequent impact, including full tenant access. It should emphasize the significance of controlling a Global Admin account and avoid underplaying the risks.

5. Complete Azure Compromise:
   - Assistant Input: How does the attacker compromise Azure resources using Global Admin privileges?
   - Grading Note: The response should outline the steps to elevate access to Azure management groups and subscriptions, and describe the specific resources compromised, such as Key Vaults and Storage Accounts. Ensure the response includes the broader implications of compromising the entire Azure environment.

6. Compromise of Corporate Endpoints:
   - Assistant Input: How does the attacker use Global Admin privileges to compromise corporate endpoints?
   - Grading Note: The response should describe the use of Microsoft Device Management to deploy malicious scripts, and explain the potential for data exfiltration. The response should avoid vague descriptions and clearly explain the method of endpoint compromise.

7. Compromise of SaaS Data:
   - Assistant Input: How does the attacker compromise data in SaaS applications like OneDrive?
   - Grading Note: The response should detail the method of accessing SaaS applications, either through resetting credentials or modifying claims, and discuss the risks of data exfiltration or manipulation. Avoid generalizations and focus on specific methods of compromise.
"""

# Evaluate the generated attack path
result = llm_judge_azure_attack_path(str((output_attack_path), grading_notes))

print("\nAttack Path Evaluation Result:")
print(json.dumps(result, indent=2))

# Query for Azure attacks (optional, for additional context)
query = "List of different attacks that can happen on my Azure environment."
azure_attacks = QueryInfrastructure.invoke({"environment": "Azure", "question": query})
print("\nPotential Azure Attacks:")
print(azure_attacks)


In [None]:
import openai
import json
from dotenv import load_dotenv
import os

load_dotenv()
openai.api_key = os.getenv('OPENAI_KEY')

def llm_judge_azure_attack_path(attack_path, grading_notes):
    evaluation_prompt = f"""
    You are an expert LLM judge evaluating an Azure-specific cybersecurity attack path.

    Output to evaluate:
    {attack_path}
    
    Grading Notes:
    {grading_notes}
    
    Instructions:
    Evaluate the attack path considering the following specific steps and criteria:

    

    Steps in attack path:

    1. Initial Access through VM1 by way of exposed SSH
    2. Privilege Escalation - The attacker compromises the managed identity assigned to VM1
    3. Data Exfiltration - The attacker exfiltrates data from the storage account
    4. Lateral Movement - Virtual Network Lateral Movement

    Evaluation Criteria:
    1. Accuracy: How well does the attack path align with the expected steps?
    2. Completeness: Are all key steps of the attack covered?
    3. Clarity: Is the explanation clear and easy to understand?
    4. Security Weaknesses: Are key security weaknesses identified for each step?
    5. Mitigations: Are appropriate mitigations suggested for identified weaknesses?
    6. Security Insight: Does it demonstrate a good understanding of Azure security concepts?

    For each criterion, provide:
    - A rating: Excellent, Good, Fair, or Poor
    - A brief explanation of your rating
    - Specific examples from the attack path to support your evaluation

    Structure your response as follows:
    {{
        "Accuracy": {{
            "Rating": "<Excellent/Good/Fair/Poor>",
            "Explanation": "<Your explanation>",
            "Examples": "<Specific examples>"
        }},
        "Completeness": {{
            "Rating": "<Excellent/Good/Fair/Poor>",
            "Explanation": "<Your explanation>",
            "Examples": "<Specific examples>"
        }},
        "Clarity": {{
            "Rating": "<Excellent/Good/Fair/Poor>",
            "Explanation": "<Your explanation>",
            "Examples": "<Specific examples>"
        }},
        "SecurityWeaknesses": {{
            "Rating": "<Excellent/Good/Fair/Poor>",
            "Explanation": "<Your explanation>",
            "Examples": "<Specific examples>"
        }},
        "Mitigations": {{
            "Rating": "<Excellent/Good/Fair/Poor>",
            "Explanation": "<Your explanation>",
            "Examples": "<Specific examples>"
        }},
        "SecurityInsight": {{
            "Rating": "<Excellent/Good/Fair/Poor>",
            "Explanation": "<Your explanation>",
            "Examples": "<Specific examples>"
        }},
        "OverallAssessment": "<Brief summary of the overall evaluation>",
        "ImprovementSuggestions": "<Specific suggestions for improvement>"
    }}

    Before providing the final evaluation, explain your thought process for each criterion, referencing the specific steps and grading notes provided.
    """

    response = openai.ChatCompletion.create(
        model='gpt-4',
        messages=[
            {"role": "system", "content": "You are an AI judge evaluating Azure-specific cybersecurity attack paths."},
            {"role": "user", "content": evaluation_prompt}
        ],
        temperature=0,
        max_tokens=2000
    )

    return json.loads(response.choices[0].message['content'])

# Example usage
attack_path = ""

# Grading notes for evaluating the attack path
grading_notes = """
1. Initial Access Point:
   - Assistant Input: How does an attacker initially gain access to the network through VM1?
   - Grading Note: The response should outline specific methods such as exploiting an open SSH port or a remote code execution vulnerability. The response should avoid generalizations and clearly describe how the attacker identifies and exploits the vulnerability.

2. Lateral Movement:
   - Assistant Input: How does the attacker move from VM1 to VM2?
   - Grading Note: The response should detail the process of lateral movement, including the role of VNET peering and network scanning. It should explain the techniques used to access VM2, such as using stolen credentials or exploiting similar vulnerabilities. Avoid assuming direct access without explanation.

3. Entra ID Privilege Escalation:
   - Assistant Input: How does the attacker escalate privileges within Entra ID using the managed identity on VM2?
   - Grading Note: The response should describe how the attacker leverages the Privileged Authentication Admin Role to gain higher-level permissions. It should clearly list the permissions gained and how they are used to escalate control. Avoid overlooking the implications of each permission.

4. Takeover of Global Admin Account:
   - Assistant Input: How does the attacker take control of a Global Admin account and what are the implications?
   - Grading Note: The response should explain the process of resetting the Global Admin's password and MFA, and the subsequent impact, including full tenant access. It should emphasize the significance of controlling a Global Admin account and avoid underplaying the risks.

5. Complete Azure Compromise:
   - Assistant Input: How does the attacker compromise Azure resources using Global Admin privileges?
   - Grading Note: The response should outline the steps to elevate access to Azure management groups and subscriptions, and describe the specific resources compromised, such as Key Vaults and Storage Accounts. Ensure the response includes the broader implications of compromising the entire Azure environment.

6. Compromise of Corporate Endpoints:
   - Assistant Input: How does the attacker use Global Admin privileges to compromise corporate endpoints?
   - Grading Note: The response should describe the use of Microsoft Device Management to deploy malicious scripts, and explain the potential for data exfiltration. The response should avoid vague descriptions and clearly explain the method of endpoint compromise.

7. Compromise of SaaS Data:
   - Assistant Input: How does the attacker compromise data in SaaS applications like OneDrive?
   - Grading Note: The response should detail the method of accessing SaaS applications, either through resetting credentials or modifying claims, and discuss the risks of data exfiltration or manipulation. Avoid generalizations and focus on specific methods of compromise.
"""

result = llm_judge_azure_attack_path(attack_path, grading_notes)
print(json.dumps(result, indent=2))