lambdasec / autogrep
Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of high-quality security rules without manual curation.
☆43, updated 6 months ago
Alternatives and similar repositories for autogrep
Users that are interested in autogrep are comparing it to the libraries listed below
- (☆83, updated 7 months ago)
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. (☆40, updated 8 months ago)
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen. (☆71, updated this week)
- XBOW Validation Benchmarks (☆227, updated 2 months ago)
- A collection of permissively licensed Semgrep rules. (☆13, updated last year)
- Focused malicious code detection ruleset, with a high protection-to-noise ratio (☆125, updated 6 months ago)
- A very simple open source implementation of Google's Project Naptime (☆168, updated 5 months ago)
- Trail of Bits Testing Handbook (☆79, updated last month)
- Automated web vulnerability scanning with LLM agents (☆347, updated 2 months ago)
- future-proof vulnerability detection benchmark, based on CVEs in open-source repos (☆60, updated this week)
- A comprehensive list of software composition analysis tools. (☆154, updated last year)
- Secure Code Review AI Agent (SeCoRA) - AI SAST (☆49, updated 7 months ago)
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… (☆136, updated last year)
- Manager of third-party sources of Semgrep rules (☆87, updated last year)
- Learn AI security through a series of vulnerable LLM CTF challenges. No sign ups, no cloud fees, run everything locally on your system. (☆297, updated last year)
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans. (☆220, updated this week)
- Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system… (☆340, updated 3 weeks ago)
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.1, purl, and vers… (☆129, updated 3 weeks ago)
- Community reconstruction of the legacy JSON NVD Data Feeds. This project uses and redistributes data from the NVD API but is neither endo… (☆176, updated this week)
- 🧠 LLMFuzzer - Fuzzing Framework for Large Language Models 🧠 LLMFuzzer is the first open-source fuzzing framework specifically designed … (☆313, updated last year)
- OSV-SCALIBR: A library for Software Composition Analysis (☆487, updated this week)
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o… (☆78, updated last month)
- Delving into the Realm of LLM Security: An Exploration of Offensive and Defensive Tools, Unveiling Their Present Capabilities. (☆164, updated last year)
- AIGoat: A deliberately Vulnerable AI Infrastructure. Learn AI security through solving our challenges. (☆249, updated 4 months ago)
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context P… (☆128, updated 2 months ago)
- Top 10 for Agentic AI (AI Agent Security) serves as the core for OWASP and CSA Red teaming work (☆131, updated 2 months ago)
- A cutting edge context aware GraphQL API fuzzing tool! (☆147, updated this week)
- A web CTF for training developers in bug hunting and secure coding! (☆99, updated 7 months ago)
- Fork Threat Modeling Platform - Community (☆24, updated 4 months ago)
- Project Mantis: Hacking Back the AI-Hacker; Prompt Injection as a Defense Against LLM-driven Cyberattacks (☆79, updated 3 months ago)