247arjun / ai-secure-code-reviewLinks
Welcome to `ai-secure-code-review`, a repository that integrates static analysis tools with Generative AI, specifically Semgrep and Azure OpenAI's GPT models, to automate and enhance code reviews for improved efficiency, scalability, and effectiveness in identifying potential software vulnerabilities.
☆37Updated last year
Alternatives and similar repositories for ai-secure-code-review
Users that are interested in ai-secure-code-review are comparing it to the libraries listed below
Sorting:
- Create notes during a security code review in VSCode 📝 Import your favorite SAST tool findings 🛠️ and collaborate with others 🤝☆142Updated 3 months ago
- Damn Vulnerable Java (EE) Application☆144Updated 2 years ago
- Blogpost series showcasing interesting cloud - web app security bugs☆49Updated 2 years ago
- ☆114Updated 2 years ago
- PESD (Proxy Enriched Sequence Diagrams) Exporter converts Burp Suite's proxy traffic into interactive diagrams☆106Updated last year
- LLM Testing Findings Templates☆75Updated last year
- GCP GOAT is the vulnerable application for learn the GCP Security☆70Updated 8 months ago
- Prototype of Full Agentic Application Security Testing, FAAST = SAST + DAST + LLM agents☆67Updated 9 months ago
- Tarpit - A Web application seeded with vulnerabilities, rootkits, backdoors & data leaks☆82Updated 3 years ago
- This repository hosts several snippets and file related to the BsidesLV 2024 talk about Shadow and Zombie APIs by me☆18Updated last year
- Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂☆98Updated last month
- A project to visualize the software supply chain☆58Updated 2 years ago
- InfoSec OpenAI Examples☆19Updated 2 years ago
- Easy-to-use Threat modeling-as-a-Code (TaaC) solution following DevSecOps principles. Simple CI/CD integration as well as console usage. …☆68Updated 7 months ago
- Purposely vulnerable Java application to help lead secure coding workshops☆191Updated last year
- OWASP Code Review Guide Web Repository☆148Updated 3 years ago
- ☆84Updated 2 years ago
- An experimental project using LLM technology to generate security documentation for Open Source Software (OSS) projects☆34Updated 11 months ago
- A small tool to help developers understand a huge set of security requirements from appsec teams��☆46Updated 3 years ago
- Damn Vulnerable Python Web App☆183Updated last year
- Semgrep rules corresponding to the OWASP ASVS standard☆27Updated 5 years ago
- Delving into the Realm of LLM Security: An Exploration of Offensive and Defensive Tools, Unveiling Their Present Capabilities.☆166Updated 2 years ago
- an extension for Burp Suite to allow researchers to utilize GPT for analys is of HTTP requests and responses☆112Updated 2 years ago
- MetaSec.js combines all the free open-source security tools to identify issues with JavaScript and automates the boring parts☆82Updated 3 years ago
- A research project to add some brrrrrr to Burp☆197Updated last year
- My collection of Semgrep rules for vulnerability detection on source code (swift, java, cobol)☆41Updated 2 months ago
- The Pixi module is a MEAN Stack web app with wildly insecure APIs!☆132Updated 3 years ago
- ☆101Updated this week
- Run Capture the Flags and Security Trainings with OWASP WrongSecrets☆54Updated this week
- ☆116Updated 2 years ago