Internal

PiperOrigin-RevId: 611493596
Change-Id: I9a71ea02dbb47a33d145fae654b908c2d9446052

google/detectors/exposedui/pytorch_serve/README.md

@@ -1,15 +1,8 @@
-# Example VulnDetector utilizing the payload generation framework
+# Exposed Pytorch Serve Notebook Detector
 
-This is an example implementation of a `VulnDetector` plugin for Tsunami that
-uses Tsunami's optional payload generation framework. This framework is designed
-to automatically select the best payload for a detector, taking out the
-guesswork when writing a new detector and reducing false positives. If
-configured, the framework will automatically utilize the
-[Tsunami Callback Server](https://github.com/google/tsunami-security-scanner-callback-server),
-which helps further validate findings.
-
-Detectors targeting remote code executions (RCE) and server-side request forgery
-(SSRF) vulnerabilities are ideal candidates for using the payload framework.
+This detector checks whether a Pytorch Serve API is exposed.
+Pytorch Serve API allows a request to upload arbitrary models.
+Having it exposed puts the hosting VM at risk of RCE.
 
 ## Build jar file for this plugin