diff --git a/week1/community-contributions/day1_check_source_for_security_vuln.ipynb b/week1/community-contributions/day1_check_source_for_security_vuln.ipynb
new file mode 100644
index 0000000..db99309
--- /dev/null
+++ b/week1/community-contributions/day1_check_source_for_security_vuln.ipynb
@@ -0,0 +1,156 @@
+{
+ "cells": [
+ {
+ "cell_type": "code",
+ "execution_count": null,
+ "id": "e95fa36b-7118-4fd8-a3b2-b4424bda2178",
+ "metadata": {},
+ "outputs": [],
+ "source": [
+ "import os\n",
+ "import requests\n",
+ "from dotenv import load_dotenv\n",
+ "from bs4 import BeautifulSoup\n",
+ "from IPython.display import Markdown, display\n",
+ "from openai import OpenAI\n"
+ ]
+ },
+ {
+ "cell_type": "code",
+ "execution_count": null,
+ "id": "a0356762-4a3f-437a-908e-192aa9c804c7",
+ "metadata": {},
+ "outputs": [],
+ "source": [
+ "load_dotenv(override=True)\n",
+ "api_key = os.getenv('OPENAI_API_KEY')\n",
+ "\n",
+ "# Check the key\n",
+ "\n",
+ "if not api_key:\n",
+ " print(\"No API key was found - please head over to the troubleshooting notebook in this folder to identify & fix!\")\n",
+ "elif not api_key.startswith(\"sk-proj-\"):\n",
+ " print(\"An API key was found, but it doesn't start sk-proj-; please check you're using the right key - see troubleshooting notebook\")\n",
+ "elif api_key.strip() != api_key:\n",
+ " print(\"An API key was found, but it looks like it might have space or tab characters at the start or end - please remove them - see troubleshooting notebook\")\n",
+ "else:\n",
+ " print(\"API key found and looks good so far!\")\n"
+ ]
+ },
+ {
+ "cell_type": "code",
+ "execution_count": null,
+ "id": "eb747863-30bd-4a0b-b359-b37223884075",
+ "metadata": {},
+ "outputs": [],
+ "source": [
+ "openai = OpenAI()\n",
+ "message = \"Hello, GPT! This is my first ever message to you! Hi!\"\n",
+ "response = openai.chat.completions.create(model=\"gpt-4o-mini\", messages=[{\"role\":\"user\", \"content\":message}])\n",
+ "print(response.choices[0].message.content)"
+ ]
+ },
+ {
+ "cell_type": "code",
+ "execution_count": null,
+ "id": "fae60901-3564-4f26-a812-fc16d3b95bdb",
+ "metadata": {},
+ "outputs": [],
+ "source": [
+ "def get_page_source(url):\n",
+ " response = requests.get(url)\n",
+ " response.raise_for_status() # Hata varsa bildirir\n",
+ " return response.text # Ham HTML metni döner\n",
+ "\n",
+ "system_prompt = \"You are an assistant analyzing the source of a website and checking for security vulnerabilities.\"\n",
+ "\n",
+ "def user_prompt_for(url):\n",
+ " user_prompt = \"Below is the HTML source of the website:\\n\\n\"\n",
+ " user_prompt += get_page_source(url) \n",
+ " user_prompt += \"\\n\\nPlease check this website and search for security vulnerabilities. \"\n",
+ " user_prompt += \"If you don't find any, print 'No vulnerability found.' \"\n",
+ " user_prompt += \"If you find a potential vulnerability risk, describe the vulnerability risk and print 'Potential Vulnerability Risk'.\"\n",
+ " user_prompt += \"If you find a direct, explicit vulnerability, describe the vulnerability and CVSS Score print 'ATTENTION! Vulnerability is Found.'\"\n",
+ " user_prompt += \"If you find both a potential vulnerability risk and a direct, explicit vulnerability, describe them and CVSS Score print 'ATTENTION! Potential Vulnerability Risk and Direct Vulnerability are Found!!'\"\n",
+ " return user_prompt\n",
+ "\n",
+ "def messages_for(url):\n",
+ " return [\n",
+ " {\"role\": \"system\", \"content\": system_prompt},\n",
+ " {\"role\": \"user\", \"content\": user_prompt_for(url)}\n",
+ " ]\n",
+ "\n",
+ "def check_vuln(url):\n",
+ " response = openai.chat.completions.create(\n",
+ " model = \"gpt-4o-mini\",\n",
+ " messages = messages_for(url)\n",
+ " )\n",
+ " return response.choices[0].message.content\n",
+ "\n"
+ ]
+ },
+ {
+ "cell_type": "code",
+ "execution_count": null,
+ "id": "e048c27f-f659-4c92-a47c-679bf6e5bf5f",
+ "metadata": {},
+ "outputs": [],
+ "source": [
+ "def display_vuln(url):\n",
+ " display_vuln = check_vuln(url)\n",
+ " display(Markdown(display_vuln))"
+ ]
+ },
+ {
+ "cell_type": "code",
+ "execution_count": null,
+ "id": "69f5852f-ca5b-4933-b93c-e9f2d401467a",
+ "metadata": {},
+ "outputs": [],
+ "source": [
+ "display_vuln(\"https://edwarddonner.com\")"
+ ]
+ },
+ {
+ "cell_type": "code",
+ "execution_count": null,
+ "id": "824943fc-e5a5-424a-abec-56767a709782",
+ "metadata": {},
+ "outputs": [],
+ "source": [
+ "display_vuln(\"http://192.168.1.113/\") #local apache server IP, contains xss_vulnerable_example.html"
+ ]
+ },
+ {
+ "cell_type": "code",
+ "execution_count": null,
+ "id": "e3543846-e0c6-4504-8b65-2f675f0f7ebe",
+ "metadata": {},
+ "outputs": [],
+ "source": [
+ "display_vuln(\"https://www.google.com\")"
+ ]
+ }
+ ],
+ "metadata": {
+ "kernelspec": {
+ "display_name": "Python 3 (ipykernel)",
+ "language": "python",
+ "name": "python3"
+ },
+ "language_info": {
+ "codemirror_mode": {
+ "name": "ipython",
+ "version": 3
+ },
+ "file_extension": ".py",
+ "mimetype": "text/x-python",
+ "name": "python",
+ "nbconvert_exporter": "python",
+ "pygments_lexer": "ipython3",
+ "version": "3.11.13"
+ }
+ },
+ "nbformat": 4,
+ "nbformat_minor": 5
+}
diff --git a/week1/community-contributions/xss_vulnerable_example.html b/week1/community-contributions/xss_vulnerable_example.html
new file mode 100644
index 0000000..6e1056c
--- /dev/null
+++ b/week1/community-contributions/xss_vulnerable_example.html
@@ -0,0 +1,24 @@
+
+
+
+
+ XSS Vulnerability Example
+
+
+ Leave a Comment
+
+
+ Your Comment:
+
+
+
+
+
+
+
\ No newline at end of file