No Code? No Problem! Crafting AI Apps with AWS PartyRock
A place where imagination meets innovation for everyone (no coding required)
Rewanth Tammana is a security ninja, open-source contributor, and a full-time freelancer. Previously, Senior Security Architect at Emirates NBD (National Bank of Dubai). He is passionate about DevSecOps, Cloud, and Container Security. He added 17,000+ lines of code to Nmap (famous as Swiss Army knife of network utilities). Holds industry certifications like CKS (Certified Kubernetes Security Specialist), CKA (Certified Kubernetes Administrator), etc.
Rewanth speaks and delivers training at international security conferences worldwide including Black Hat, Defcon, Hack In The Box (Dubai and Amsterdam), CRESTCon UK, PHDays, Nullcon, Bsides, CISO Platform, null chapters and multiple others.
He was recognized as one of the MVP researchers on Bugcrowd (2018) and identified vulnerabilities in several organizations. He also published an IEEE research paper on an offensive attack in Machine Learning and Security. He was also a part of the renowned Google Summer of Code program.
Generative AI, LLMs, & GPTs are the buzzwords these days. Every day numerous tools & websites are launched with AI offerings. Most often, the best ones are expensive to afford & the free ones won't give desired results.
Just a week ago, AWS launched PartyRock, an Amazon Bedrock Playground. It's a Generative AI app-building platform. No code required, just a web interface that takes text & generates the desired apps. The best part is it's free of cost & doesn't require an AWS account.
We will create a few apps to benchmark the capability of the platform.
CourseFinder: Tailored Learning Pathways
We want to learn new things but with access to unlimited content on the internet, it's hard to find the right path. This CourseFinder app takes input from you & suggests the best courses available. The best part is once you review the results, you can enter the timeframe you've to spend on it & it suggests a tailored path for the timeframe.
The path to learning "iPhone photography".
The path to learning "Asian cooking".
Storytelling: An Innovative Approach
Kids and adults love stories & movies. We wonder what if the storyline takes an alternative approach once in a while. This app generates multiple ways for the story, you can choose any option for the way forward & it generates an image.
This can easily be expanded to write an entire storybook. For example, once the image is generated, create a new widget to suggest the next 4 story lines, take user input, update the image & suggest the next 4 story paths to move ahead. This will be a lot of fun!
Being from a security background, I was curious on how this can help with security related work. Let's benchmark!
CTF Challenges Builder
Security teams are enthusiastic about playing CTFs that include challenges from different areas like cryptography, steganography, web, mobile, network, reversing, malware & so on. We can use this to generate ideas for innovative CTF challenges & chaining of attacks.
NOTE: I'm not making this app public as I hacked my way into the LLMs to make it generate vulnerable code for various tech stacks & exploit it.
SSRF vulnerability
Host Header Injection Vulnerability
Architecture Threat Modeler
Developers, DevOps and security teams review different system architectures regularly looking for misconfigurations & vulnerabilities.
This app takes the architecture design as input,
Lists all the possible components that are required to build the design
Once components are identified, it suggests possible Threat Boundaries between all components
Then, it browses the internet & suggests available open-source projects that match the given architecture
3 tier architecture in AWS
3 tier architecture in Azure
Conclusion
The synchronous prompt chaining feature in PartyRock excited me the most. Updating the main question triggers the execution of the app, generates content & the content is automatically passed as input to a different prompt to perform other operation & so on making it powerful.
