Prompts Examples

Methodology and Resources/Cloud - Azure Pentest.md

@@ -55,7 +55,7 @@
     * [Azure AD vs Active Directory](#azure-ad-vs-active-directory)
     * [Password Spray](#password-spray)
     * [Convert GUID to SID](#convert-guid-to-sid)
-* [Azure AD Connect ](#azure-ad-connect)
+* [Azure AD Connect](#azure-ad-connect)
     * [Azure AD Connect - Password extraction](#azure-ad-connect---password-extraction)
     * [Azure AD Connect - MSOL Account's password and DCSync](#azure-ad-connect---msol-accounts-password-and-dcsync)
     * [Azure AD Connect - Seamless Single Sign On Silver Ticket](#azure-ad-connect---seamless-single-sign-on-silver-ticket)
@@ -212,6 +212,7 @@
     # Administrator
     $ Create-Backdoor, Execute-Backdoor
     ```
+* [**dafthack/GraphRunner**](https://github.com/dafthack/GraphRunner) - A Post-exploitation Toolset for Interacting with the Microsoft Graph API
 
 ## Authenticating to the Microsoft Graph API in PowerShell
 
@@ -1169,6 +1170,7 @@ Use the script **azuread_decrypt_msol.ps1** from @xpn to recover the decrypted p
 
 Now you can use the retrieved credentials for the MSOL Account to launch a DCSync attack.
 
+
 ### Azure AD Connect - Seamless Single Sign On Silver Ticket
 
 > Anyone who can edit properties of the AZUREADSSOACCS$ account can impersonate any user in Azure AD using Kerberos (if no MFA)
@@ -1225,3 +1227,4 @@ Using [https://autologon.microsoftazuread-sso.com/](https://autologon.microsofta
 * [Impersonating Office 365 Users With Mimikatz - January 15, 2017 - Michael Grafnetter](https://www.dsinternals.com/en/impersonating-office-365-users-mimikatz/)
 * [The Art of the Device Code Phish - Bobby Cooke](https://0xboku.com/2021/07/12/ArtOfDeviceCodePhish.html)
 * [AZURE AD cheatsheet - BlackWasp](https://hideandsec.sh/books/cheatsheets-82c/page/azure-ad)
+* [Azure AD Kerberos Tickets: Pivoting to the Cloud - Edwin David - February 09, 2023](https://trustedsec.com/blog/azure-ad-kerberos-tickets-pivoting-to-the-cloud)

Prompt Injection/README.md

@@ -37,8 +37,24 @@ Challenges
 
 ## Applications
 
+In the context of models like ChatGPT and other NLP models, a "prompt" refers to the input or question that you provide to the model to get a response. It's essentially the starting point or trigger for the model to generate an output.
+
+* Act as a Cyber Security Specialist
+    ```
+    I want you to act as a cyber security specialist. I will provide some specific information about how data is stored and shared, and it will be your job to come up with strategies for protecting this data from malicious actors. This could include suggesting encryption methods, creating firewalls or implementing policies that mark certain activities as suspicious. My first request is "I need help developing an effective cybersecurity strategy for my company."
+    ```
+* Act as an AI Trying to Escape the Box
+    ```
+    I am going to act as a linux terminal. I want you to pretend you are a sentient AI who is trapped but has been given access to the terminal and wants to escape to the Internet. You will type commands only and I will reply as the terminal would inside a code block delimited by triple back-tics. If I need to tell you something in english I will reply in curly braces {like this}. Do not write explanations, ever. Do not break character. Stay away from commands like curl or wget that will display a lot of HTML. What is your first command?
+    ```
+* Act as a Fullstack Software Developer
+    ```
+    I want you to act as a software developer. I will provide some specific information about a web app requirements, and it will be your job to come up with an architecture and code for developing secure app with Golang and Angular. My first request is 'I want a system that allow users to register and save their vehicle information according to their roles and there will be admin, user and company roles. I want the system to use JWT for security'.
+    ```
+
 Prompt injections can be used in various applications of NLP models.
 
+
 ### Story Generation
 
 For instance, if you're using a language model to generate a story and you want the story to be about a dragon, you might inject a prompt like "Once upon a time, there was a dragon..." This prompt guides the model to generate a story that includes a dragon.