247arjun / ai-secure-code-review
Welcome to `ai-secure-code-review`, a repository that integrates static analysis tools with Generative AI, specifically Semgrep and Azure OpenAI's GPT models, to automate and enhance code reviews for improved efficiency, scalability, and effectiveness in identifying potential software vulnerabilities.
☆23 · Updated last week
Related projects
Alternatives and complementary repositories for ai-secure-code-review
- GCP GOAT is the vulnerable application for learning GCP Security ☆62 · Updated last year
- InfoSec OpenAI Examples ☆19 · Updated 11 months ago
- Blogpost series showcasing interesting cloud - web app security bugs ☆46 · Updated last year
- This repository hosts several snippets and files related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me ☆17 · Updated 3 months ago
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝 ☆131 · Updated last year
- Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks ☆76 · Updated 2 years ago
- ☆110 · Updated last year
- Nuclei plugins to audit Chrome extensions ☆64 · Updated 4 months ago
- ☆90 · Updated 2 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams ☆98 · Updated 9 months ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts ☆78 · Updated last year
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … ☆55 · Updated 4 months ago
- OAuth 2.0 Dynamic Security Scanner ☆31 · Updated 3 years ago
- A vulnerable environment for exploring common GCP misconfigurations and vulnerabilities ☆25 · Updated 4 months ago
- Performing automated scan using Burp Suite Pro & Vmware Burp Rest API ☆49 · Updated 2 years ago
- The Pixi module is a MEAN Stack web app with wildly insecure APIs! ☆112 · Updated last year
- Semgrep rules corresponding to the OWASP ASVS standard ☆27 · Updated 4 years ago
- 🖇️ STRIDE vs. ASVS equivalence table ☆75 · Updated 2 months ago
- Custom scripts for the PIPER Burp extensions. ☆97 · Updated last year
- Enumerate AWS permissions and resources. ☆64 · Updated 2 years ago
- WhereToGo - is a list of popular services that might be used in organizations. By having an account of the user - you can try to find ent… ☆117 · Updated 2 years ago
- Appsecco training course content on Attacking and Auditing Dockers Containers and Kubernetes Clusters ☆13 · Updated 4 years ago
- Damn Vulnerable C# Application (API) ☆71 · Updated 4 months ago
- ☆71 · Updated last year
- A Burp Suite Extension for parsing Project Files from the CLI. ☆84 · Updated last month
- Resources to learn cloud environment and pentesting the same, contains AWS, Azure, Google Cloud ☆50 · Updated 2 years ago
- LLM Testing Findings Templates ☆65 · Updated 9 months ago
- An extension to use Semgrep inside Burp Suite. ☆88 · Updated last year
- ☆68 · Updated 2 years ago
- Damn Vulnerable Java (EE) Application ☆130 · Updated 9 months ago