lambdasec / autogrep
Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of high-quality security rules without manual curation.
☆51 Updated 8 months ago
Alternatives and similar repositories for autogrep
Users that are interested in autogrep are comparing it to the libraries listed below
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM. ☆41 Updated 10 months ago
- A very simple open source implementation of Google's Project Naptime ☆172 Updated 7 months ago
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen. ☆72 Updated 2 weeks ago
- ☆93 Updated 9 months ago
- Manager of third-party sources of Semgrep rules ☆90 Updated last year
- Focused malicious code detection ruleset, with a high protection-to-noise ratio ☆127 Updated 8 months ago
- A comprehensive list of software composition analysis tools. ☆156 Updated last week
- XBOW Validation Benchmarks ☆299 Updated 4 months ago
- AI agent for autonomous cyber operations ☆319 Updated this week
- A collection of permissively licensed Semgrep rules. ☆17 Updated last year
- future-proof vulnerability detection benchmark, based on CVEs in open-source repos ☆60 Updated last week
- https://arxiv.org/abs/2412.02776 ☆64 Updated 10 months ago
- SAST + LLM Interprocedural Context Extractor ☆118 Updated 2 months ago
- Automated web vulnerability scanning with LLM agents ☆361 Updated 4 months ago
- Trail of Bits Testing Handbook ☆82 Updated last week
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,… ☆137 Updated last year
- An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced stru… ☆81 Updated this week
- A cutting edge context aware GraphQL API fuzzing tool! ☆151 Updated last month
- ☆151 Updated last month
- A web CTF for training developers in bug hunting and secure coding! ☆100 Updated 9 months ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java. ☆24 Updated 4 years ago
- Community reconstruction of the legacy JSON NVD Data Feeds. This project uses and redistributes data from the NVD API but is neither endo… ☆182 Updated this week
- We present MAPTA, a multi-agent system for autonomous web application security assessment that combines large language model orchestratio… ☆69 Updated 2 months ago
- A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP se… ☆103 Updated last week
- CodeQL queries developed by Trail of Bits ☆130 Updated last week
- Semgrep queries developed by Trail of Bits. ☆448 Updated last month
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T… ☆52 Updated 11 months ago
- tool designed for identifying vulnerabilities in open source codebases at scale. It can gather and filter on key repository metrics such … ☆234 Updated 8 months ago
- CyberGym is a large-scale, high-quality cybersecurity evaluation framework designed to rigorously assess the capabilities of AI agents on… ☆83 Updated 3 weeks ago
- Secure Code Review AI Agent (SeCoRA) - AI SAST ☆53 Updated 8 months ago