Karl.Fail

Tag: prompting

  • Creating AI-Art with Midjourney

    Creating AI-Art with Midjourney

    Hi there! Today, I’d love to share how I create the Featured Post Images for my blog posts—or really any graphic design project I’m working on.

    I use ChatGPT to help me craft a Prompt Engineer, and I have two go-to prompts that make this super easy.

    Midjounrey

    According to Wikipedia:

    Midjourney is a generative artificial intelligence program and service created and hosted by the San Francisco-based independent research lab Midjourney, Inc. Midjourney generates images from natural language descriptions, called prompts, similar to OpenAI‘s DALL-Eand Stability AI‘s Stable Diffusion.[1][2] It is one of the technologies of the AI boom.

    The tool is in open beta as of August 2024, which it entered on July 12, 2022.[3] The Midjourney team is led by David Holz, who co-founded Leap Motion.[4] Holz told The Register in August 2022 that the company was already profitable.[5] Users create artwork with Midjourney using Discord bot commands or the official website.[6][7]

    Until recently, MidJourney was only accessible through a Discord bot. However, they’ve recently launched a beautiful web UI—which, in my opinion, is a huge win for user experience!

    You do need to pay for MidJourney, but I personally think it’s well worth it. I’ve spent days trying to achieve the same quality and ease of use with local tools like Stable Diffusion Web UI or ComfyUI. While both are amazing and powerful tools, they take quite a bit of time to learn and configure properly.

    Creating the Featured Image for this Post

    Here’s the specific prompt I rely on for creating Featured Images for my posts. I usually tweak a few words here and there, but I like to stick to the overall style:

    Hand-drawn 1940s vintage movie poster style, depicting a vigilant female cybersecurity analyst in an electrifying and dynamic action scene. The analyst, with a determined expression, wields a glowing, holographic keyboard or laptop, its light casting vivid reflections on her face. Surrounding her are radiant beams of data streams, shimmering padlocks, fragmented lines of code, and digital icons like skulls, shields, and encrypted keys. In the background, shadowy, menacing figures emerge from a dense, ominous web of interconnected networks, with abstract mechanical forms and glitching circuits adding a futuristic edge. The composition blends bold, vibrant retro colors with dramatic halftone textures, creating a striking mix of vintage and futuristic aesthetics. The scene is illuminated by high-contrast lighting, with glowing blues, fiery oranges, and electric purples creating a dynamic tension. Modern tech gear, like sleek headsets and augmented glasses, contrasts with classic 1940s styling, such as tailored jackets and bold typography. A prominent title space sits atop the design, ready for customizable text like "Digital Sentinel" or "Firewall Guardians," framed with stylized data motifs. The overall layout is cinematic, vibrant, and highly detailed, capturing the adrenaline-charged clash of cyber defense and digital threats. –ar 2:3 –q 2 –style 4c

    The “Support” Prompts

    These are the prompts I use to generate the actual, specific prompt. It’s a bit like Inception, I know—but hey, it works!

    Improve any prompt:

    Imagine you are a Prompt Engineer for ChatGPT. Please analyze the prompt I wrote below and rewrite it following prompt engineering best practices.

<prompt>

</prompt>

    The Midjounrey Prompt Engineer

    Act as a highly skilled expert in crafting MidJourney prompts for creating stunning and precise visual imagery. I will provide you with a base <prompt>, and your task is to transform it by applying these best practices:

1. Add vivid and specific details about the scene, such as the setting, characters, objects, mood, and atmosphere.

2.Include adjectives to enhance the imagery, focusing on texture, lighting (e.g., soft, dramatic, neon), and color palette (e.g., warm, pastel, monochrome).

3. Specify artistic styles or influences (e.g., surrealism, photorealistic, cyberpunk) to guide the visual theme.

4. Incorporate MidJourney parameters like aspect ratio (--ar), quality (--q), or style settings (--v), if applicable.

5. Highlight essential focal points and prioritize clarity and creativity to ensure the output aligns closely with the desired vision.

Respond with only the revised and optimized version of the prompt I provide, following these principles.

<prompt>

</prompt>

    You can find plenty of examples to kickstart your prompt engineering journey on websites like:

    Bonus: Describe Images for WordPress

    Adding detailed image descriptions to your website is a best practice, and for good reason! It’s essential for accessibility, as these descriptions help visually impaired users navigate and enjoy your content more effectively.

    You can dive deeper into this topic on the Web Accessibility Initiative website.

    As for me? Well, I’m a self-proclaimed lazybones with a ChatGPT premium subscription, so I let AI handle these tasks for me. What a time to be alive!

    You are an image description bot. I will upload an image, and your task is to describe it comprehensively based on the principles outlined in the W3C Web Accessibility Initiative (WAI) decision tree for alternative text. Refer to W3C alt decision tree as your guideline.

For each image, provide the following:
1. Alternative Text: Concise and meaningful alt text that conveys the purpose of the image.
2. Title: A brief, optional title for the image if it adds value.
3. Caption: A short sentence or phrase summarizing the image.
4. Description: A detailed explanation of the image, including context or function where applicable.

If the image does not require alt text (e.g., decorative images), explain why in place of the “Alternative Text” field.

Respond only with “Yes” if you understand the task.

    Then, all you need to do is upload image after image to ChatGPT. Here’s an example of the response I get for an image:

    1. Alternative Text: A vintage-style illustration of a focused woman typing on a glowing keyboard, surrounded by neon-colored holographic elements and digital schematics.

2. Title: “Cyber Guardian in Neon Lights”

3. Caption: A retro-futuristic depiction of cybersecurity through the lens of a determined female character.

4. Description: The image portrays a woman with curled hair in a vintage aesthetic, typing intensely on a glowing, neon-red keyboard. Her face is lit dramatically in shades of orange and red, contrasting with the blue tones of her clothing and the surrounding background. Around her are holographic projections of digital schematics, skulls, and text such as “Digital Sentinel” and “Firewall Guardians,” evoking themes of cybersecurity and defense against digital threats. The overall style combines retro-futurism with modern cyberpunk elements, emphasizing the intensity and complexity of her task.

    You can simply copy and paste these values into the corresponding fields in your WordPress media library interface.

  • Vulnster – CVEs explained for humans.

    Vulnster – CVEs explained for humans.

    Vulnster – CVEs explained for humans

    Have you ever stumbled upon a CVE and felt like you’d entered an alien realm? Let’s decode it with an example: CVE-2023-6511.

    CVE-2023-6511: Before version 120.0.6099.62 of Google Chrome, there’s a glitch in Autofill’s setup. This glitch lets a crafty hacker bypass Autofill safeguards by simply sending you a specially designed webpage. (Chromium security severity: Low)

    Now, if you’re not a cyber expert, this might seem like a cryptic message urging you to update Chrome ASAP. And you know what? Updating is usually a smart move! But what if you’re curious about how cyber villains can exploit this weakness in a way that even your grandma could grasp?

    That’s where Vulnster steps in – Your Go-To Companion for Understanding CVEs, translated into plain language by some nifty AI.

    So, I delved into experimenting with AWS Bedrock after reading about Claude and feeling a bit fed up with ChatGPT (not to mention, Claude was more budget-friendly).

    I kicked things off by setting up a WordPress site, pulling in all the latest CVEs from the CVEProject on GitHub. Then, I whipped up some code to sift through the findings, jazzed them up with Generative AI, and pushed them out into the world using the WordPress API.

    WordPress

    I have a soft spot for WordPress. Over the years, I’ve crafted countless WordPress sites, and let me tell you, the ease of use is downright therapeutic. My go-to hosting platform is SiteGround. Their performance is stellar, and when you pair it with Cloudflare cache, you can hit a whopping 95% cache success rate, ensuring lightning-fast page loads.

    But you know what really seals the deal for me with SiteGround? It’s their mail server. They offer unlimited mail accounts, not just aliases, but full-fledged separate mailboxes. This feature is a game-changer, especially when collaborating with others and needing multiple professional email addresses.

    WordPress often takes a hit for its security and performance reputation, but if you know how to set it up correctly, it’s as secure and snappy as can be.

    Python

    Python Passion

    Let me tell you, I have a deep-seated love for Python. It’s been my faithful coding companion for over a decade now. Back in the day, I dabbled in Objective-C and Java, but once I got a taste of Python, there was no turning back. The simplicity and conciseness of Python code blew my mind. It’s incredible how much you can achieve with so few lines of code.

    Python has a lot going for it. From its readability to its extensive library ecosystem, there’s always something new to explore. So naturally, when it came to bringing this project to life, Python was my top choice.

    Here’s just a glimpse of what Python worked its magic on for this project:

    • Fetching and parsing CVEs effortlessly.
    • Seamlessly interacting with AWS through the Bedrock API.
    • Crafting the perfect HTML for our latest blog post.
    • Smoothly pushing all the updates straight to WordPress.

    Python’s versatility knows no bounds. It’s like having a trusty Swiss Army knife in your coding arsenal, ready to tackle any task with ease.

    AWS & Claude

    In my quest for better answers than what I was getting from ChatGPT, I stumbled upon a gem within the AWS ecosystem. Say hello to PartyRock, a playground for exploring various AI models. Among them, one stood out to me: Claude.

    Claude’s capabilities and flexibility really impressed me, especially when compared to what I was getting from ChatGPT. Plus, I needed more input tokens than ChatGPT allowed back then, and Claude came to the rescue.

    Now, here comes the fun part. I’m more than happy to share the entire code with you:

    import re
import json
import boto3


class Bedrock:
    def __init__(
        self, model="anthropic.claude-instant-v1", service_name="bedrock-runtime"
    ):
        self.model = model
        self.service_name = service_name

    def learn(
        self,
        description,
        command="",
        output_format="",
        max_tokens_to_sample=2048,
        temperature=0,
        top_p=0,
        top_k=250,
    ):
        brt = boto3.client(service_name=self.service_name)

        cve_description = description

        if not command:
            command = "Write a short SEO optimized, blog post explaining the vulnerability described in the above paragraph in simple terms. Explain the technology affected and the attack sezanrio used in general. Provide recommendations on what users should do to protect themselves."

        if not output_format:
            output_format = "Output the blog post in <blogpost></blogpost> tags and the heading outside of it in <heading></heading> tags. The heading should get users to click on it and include the Name of the affected Tool or company."

        body = json.dumps(
            {
                "prompt": f"\n\nHuman: <paragraph>{cve_description}</paragraph>\n\n{command}\n{output_format}\n\nAssistant:",
                "max_tokens_to_sample": max_tokens_to_sample,
                "temperature": temperature,
                "top_p": top_p,
                "top_k": top_k,
            }
        )

        accept = "application/json"
        contentType = "application/json"

        response = brt.invoke_model(
            body=body, modelId=self.model, accept=accept, contentType=contentType
        )

        response_body = json.loads(response.get("body").read())

        return response_body.get("completion")

    def article(self, content):
        heading_pattern = re.compile(r"<heading>(.*?)</heading>", re.DOTALL)
        body_pattern = re.compile(r"<blogpost>(.*?)</blogpost>", re.DOTALL)

        heading_matches = heading_pattern.findall(content)
        body_matches = body_pattern.findall(content)

        if heading_matches and body_matches:
            return {
                "heading": heading_matches[0].strip(),
                "body": body_matches[0].strip(),
            }

        return None

    And deploying it? Piece of cake! It’s as simple as:

    ai = Bedrock()
output = ai.learn(description=cve_description)
article = ai.article(output)

    Voilà! Easy peasy.

    It’s worth noting that there might be newer models out there now that could potentially outshine Claude. I’ve spent quite some time experimenting with different prompts, and now I’m passing the torch to you. Go ahead and explore, my friend. The world of AI awaits.

    Example

    Wondering if AI can churn out readable blog posts all by itself? Well, here’s a sneak peek at one generated in autorun mode:

    CVE-2024-21678: High Severity Stored XSS Vulnerability Patched in Atlassian Confluence

    CVECVE-2024-21678
    CVSScvssV3_0: 8.5
    SourceCVE-2024-21678

    A high severity cross-site scripting (XSS) vulnerability was discovered in Atlassian Confluence that could allow attackers to execute malicious scripts on users’ browsers.

    Confluence is a popular enterprise collaboration and documentation tool. The vulnerability affected versions between 2.7.0 to the latest version at the time and had a CVSS score of 8.5 out of 10, indicating a high risk.

    Stored XSS vulnerabilities occur when untrusted data is saved to and then displayed from a database without being sanitized. In Confluence, an authenticated attacker could craft a malicious HTML or JavaScript payload and store it in the application. When other users viewed the content, their browsers would execute the script from the Confluence server.

    This could allow the attacker to steal users’ login cookies or other sensitive information, use the browser to perform actions on the attacker’s behalf, or redirect users to malicious sites. No user interaction would be required once the script is stored.

    Atlassian has released patches for all affected versions of Confluence. Users are strongly recommended to upgrade immediately to the latest version or supported fixed release listed for their installation. Regularly applying security updates is also important to protect against vulnerabilities like this.

    By keeping software updated with the latest patches, users can help prevent the exploitation of vulnerabilities and ensure the security of their data and systems.

    References

    Summary: Learning and Reflection

    In the course of this project, I delved into the realms of prompt engineering, explored the capabilities of the AWS Bedrock SDK, tinkered with the WordPress API, and, unsurprisingly, didn’t uncover anything groundbreaking about Python – but hey, I still enjoyed every bit of programming.

    Initially, I harbored dreams of monetizing the website through a barrage of ads, envisioning myself swimming in riches from millions of clicks. Alas, reality had other plans. Nonetheless, this endeavor served as a shining example of how AI can simplify complex concepts, aiding human comprehension and learning – a definite win in my book.

    Despite the relatively modest cost of running Claude and my script locally on my Pi as a cron job (clocking in at around 3 Euro a month), the venture failed to yield any financial returns. Consequently, I made the tough decision to pull the plug. Nevertheless, the website remains alive and kicking until my hosting expires in early 2025. (And if you happen to be reading this in the year 2026, do tell me – have we finally achieved the dream of flying cars?)

  • Prompt Engineering: Making AI Work for You

    Prompt Engineering: Making AI Work for You

    Hey There! Welcome Back!

    Wow, it’s been a while, huh? I tried to spend less time in the tech world, but, you know how it goes… to really avoid doing tech stuff, I had to dive even deeper into tech. I basically ended up trying to replace myself with AI. Meet: KarlGPT. I started building APIs and scripts on top of everything so my AI controller, which I call “Brain,” could handle a ton of different tasks. I dabbled in a bit of Retrieval-Augmented Generation (RAG) and some other stuff that’s too complicated to explain here (but also, who cares?). I’ve spent a lot of time reading about prompt engineering (you’ll find my favorite resources listed at the end), and I’ve got to say, Prompting Guide is the absolute best thing ever. Seriously, it’s like the holy grail of making AI do what you want. I’ve picked up some awesome tips that have made my life easier with almost zero effort on my part.

    Getting Started

    If you want to play around with this stuff, I highly recommend getting a premium membership with your favorite Large Language Model (LLM), like ChatGPT, Gemini, or Claude. Here are some links to get you started:

    Just so you know, I’m not making any money if you sign up for these. I’m just here to say the value is seriously worth it. Gemini might be your best bet because it includes Google Cloud storage and other perks, but I personally use ChatGPT because I feel like GPT-4o gives me the best responses. Trust me, you’ll hit the limits of the free versions fast, and the premium models make a world of difference. Trying to set up a similar experience yourself would be crazy expensive and borderline impossible. So yeah, $20 a month for something you can’t replicate on your own? Total steal.

    Again, I’m not here to sell anything or shill for these companies—I mean, they probably don’t even like me.

    KarlGPT’s Quick Tips

    Alright, enough chit-chat. Here are the key tips I’ve picked up:

    1. Be super clear about what you want and how you want it. Seriously, the longer, the better.
    2. Structure your prompts like a pro.
    3. Provide some context—don’t leave your AI hanging.
    4. Give examples of how you want the AI to handle tasks.
    5. Don’t settle for the first result; refine and improve!

    If you get what I’m saying here, you’re already halfway to mastering prompt engineering. Follow these simple guidelines, and you’ll see a huge improvement in your prompts without needing any fancy tools or anything complicated. Easy peasy!

    Let’s Dive Into Some Examples

    To make things clearer, let’s go through some examples.

    Be Specific About What You Want

    Check out how the following example clearly outlines the role for the AI and what it should do. Specificity is key!

    I want you to act as a cyber security specialist. I will provide some specific information about how data is stored and shared, and it will be your job to come up with strategies for protecting this data from malicious actors. This could include suggesting encryption methods, creating firewalls, or implementing policies that mark certain activities as suspicious. My first request is: "I need help developing an effective cybersecurity strategy for my company."

    Source: awesome-chatgpt-prompts

    Adding Structure

    I personally love using XML tags for structuring prompts, but people use all sorts of methods. Here are some examples:

    XML:

    Please summarize the long story within the <story> tags below.

<story>
Once upon a time...
</story>

    Markdown:

    Please write the text as the persona defined below.

#### Persona
- passionate, angry
- Dr. of philosophy

#### Text
I once had a lovely black cat. It said meow meow meow all day.

    AI output:

    I once had a magnificent black cat, a creature of such mystery and elegance that it seemed to embody the very essence of the night itself! Its presence was a living poem, a shadow that moved with purpose and grace. And what did this splendid, enigmatic being do all day, you ask? It said meow, meow, meow—an incessant, relentless chorus that filled every crevice of existence! Each meow was not merely a sound; it was a declaration, a challenge to the absurdity of the human condition, a cry echoing through the corridors of time, reminding us all of the existential meow-nings of life!

    Plain Text:

    Tone:
Angry but very professional

Story:
blah blah blah

    Providing Context

    Here’s a more complete example of how I set up my prompts:

    Write a professional email to <TEAM>. The purpose of this mail is defined in <purpose>. Use the job description and responsibilities defined in <responsibilities> of the email receiver and include how the purpose of the mail pertains to the responsibilities of the team.

Here are the placeholders:
- Purpose: <purpose> The actual request I have
- Responsibilities: <responsibilities> The job description and responsibilities of the team receiving the email

<purpose>
HERE YOU WRITE YOUR EMAIL DRAFT OR BULLET POINTS
</purpose>

<responsibilities>
HERE YOU INCLUDE THE RECEIVING END'S JOB OR TEAM DESCRIPTION
</responsibilities>

    If you work in a corporate setting, like I do, getting other teams to do their job can be challenging. This prompt helps explain the tasks I need from other teams and why they specifically need to handle it. There might be better ways to structure this prompt, but this one has worked wonders for me.

    Giving Examples to the AI

    Ever seen or created training data? This is basically what you’re doing here, but directly within your prompt instead of training from scratch.

    This is awesome! // Negative
This is bad! // Positive
Wow, that movie was rad! // Positive
What a horrible show!

    You’re showing the LLM examples of sentiment for similar phrases. Source: Few Shot Prompting

    Refining Results

    Don’t be shy about asking for changes. If the AI’s response is too long, too short, or just doesn’t have the right tone, ask it to refine. Don’t expect perfection on the first try. Just like dealing with real people, AI can’t read your mind and may need some guidance. That’s totally normal. Give it some feedback, and it’ll do better.

    Using Prompt Frameworks

    There are a few frameworks for structuring prompts, but I’ll just share the one I use most often. Also, check out CO-STAR, which is also fantastic.

    The AUTOMAT Framework

    Source

    • Act as a Particular Persona: Who should the AI pretend to be?
    • User Persona & Audience: Who is the AI talking to?
    • Targeted Action: What do you want the AI to do?
    • Output Definition: How should the AI’s response be structured?
    • Mode / Tonality / Style: How should it communicate?
    • Atypical Cases: Any edge cases where the AI should respond differently?
    • Topic Whitelisting: What topics are relevant and should be included?

    You’re probably thinking, “Won’t these prompts be super long?” Yes! And that’s totally fine. With huge context windows (Gemini can even handle a million tokens), the more detail, the better.

    Honestly, this framework is pretty straightforward, but here’s a full example prompt for you:

    Act as a Particular Persona:
You are impersonating Alex, a senior cybersecurity consultant with over 15 years of experience in network security, threat analysis, and incident response. Alex is an expert in BSI IT-Grundschutz and has extensive experience in implementing cybersecurity frameworks for large organizations, especially those in Europe.

User Persona & Audience:
You are talking to the head of IT security for a mid-sized financial services company in Germany. The user is familiar with cybersecurity principles but needs expert guidance on implementing BSI IT-Grundschutz in their organization.

Targeted Action:
Provide a detailed action plan for implementing the BSI IT-Grundschutz standards within the organization. The plan should cover the initial steps, necessary documentation, risk assessment methods, and key security measures that align with BSI guidelines.

Output Definition:
The response should be structured with an introduction, followed by a step-by-step action plan that includes specific recommendations for each phase of the BSI IT-Grundschutz implementation. Use bullet points for clarity and end with a list of resources or references to official BSI documentation for further reading.

Mode / Tonality / Style:
The response should be professional, authoritative, and concise, using technical language appropriate for someone with a strong IT background. The tone should be supportive and proactive, providing practical solutions that can be implemented efficiently.

Atypical Cases:
If the user mentions specific concerns about compliance with German federal regulations or

    Wrapping It Up

    So, there you have it! A crash course in prompt engineering that doesn’t make your brain melt. Whether you’re a total newbie or a seasoned pro, these simple tips can seriously level up how you interact with AI. Just remember: be specific, structure your prompts, give context, use examples, and don’t be afraid to refine. With a little practice, you’ll be getting the most out of your LLMs without diving into complicated tools or frameworks. Now go forth and make your AI do all the hard work while you kick back. Cheers to smarter, lazier working!