247arjun / ai-secure-code-review
Welcome to `ai-secure-code-review`, a repository that integrates static analysis tools with Generative AI, specifically Semgrep and Azure OpenAI's GPT models, to automate and enhance code reviews for improved efficiency, scalability, and effectiveness in identifying potential software vulnerabilities.
☆23 Updated this week
Related projects
Alternatives and complementary repositories for ai-secure-code-review
- This repository hosts several snippets and files related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me ☆17 Updated 3 months ago
- Semgrep rules corresponding to the OWASP ASVS standard ☆27 Updated 4 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams ☆97 Updated 9 months ago
- Blogpost series showcasing interesting cloud - web app security bugs ☆46 Updated last year
- InfoSec OpenAI Examples ☆19 Updated 11 months ago
- OWASP Foundation Web Repository ☆33 Updated 2 months ago
- GCP GOAT is the vulnerable application for learning GCP security ☆62 Updated last year
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. … ☆55 Updated 4 months ago
- Custom scripts for the PIPER Burp extensions. ☆97 Updated last year
- Nuclei plugins to audit Chrome extensions ☆64 Updated 3 months ago
- ☆109 Updated last year
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝 ☆129 Updated last year
- ☆70 Updated last year
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts ☆77 Updated last year
- A Burp Suite Extension for parsing Project Files from the CLI. ☆84 Updated last month
- The Pixi module is a MEAN Stack web app with wildly insecure APIs! ☆112 Updated last year
- ☆90 Updated 2 years ago
- LLM Testing Findings Templates ☆65 Updated 8 months ago
- A recon tool that uses ML to predict subdomains, then returns those that resolve. ☆38 Updated last week
- A small tool to help developers understand a huge set of security requirements from appsec teams ☆45 Updated 2 years ago
- Performing automated scans using Burp Suite Pro & VMware Burp Rest API ☆48 Updated 2 years ago
- My personal collection of resources (mostly tools and training materials) for source code security audits. ☆55 Updated 2 months ago
- Run Capture the Flags and Security Trainings with OWASP WrongSecrets ☆43 Updated this week
- ☆68 Updated 2 years ago
- Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks ☆76 Updated 2 years ago
- Manager of third-party sources of Semgrep rules 🗂 ☆76 Updated 3 months ago
- An extension to use Semgrep inside Burp Suite. ☆87 Updated last year
- ☆58 Updated last year
- ☆17 Updated 2 years ago