lambdasec / autogrepLinks
Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of high-quality security rules without manual curation.
β65Updated 10 months ago
Alternatives and similar repositories for autogrep
Users that are interested in autogrep are comparing it to the libraries listed below
Sorting:
- Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules πβ97Updated 3 weeks ago
- π§ͺ Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.β42Updated last year
- Metis is an open-source, AI-driven tool for deep security code reviewβ449Updated this week
- Focused malicious code detection ruleset, with a high protection-to-noise ratioβ139Updated 10 months ago
- A collection of permissively licensed Semgrep rules.β19Updated last year
- SAST + LLM Interprocedural Context Extractorβ174Updated 2 months ago
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.β81Updated last week
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and versβ¦β134Updated last month
- A very simple open source implementation of Google's Project Naptimeβ181Updated 9 months ago
- A collection of Semgrep rules which followed security guidelines for .NET and Java.β23Updated 4 years ago
- AI agent for autonomous cyber operationsβ464Updated last month
- Data about all known supply-chain attacks through historyβ63Updated 7 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,β¦β139Updated last year
- A comprehensive list of software composition analysis tools.β160Updated 2 months ago
- Trail of Bits Testing Handbook - appsec.guideβ89Updated last week
- β101Updated last month
- A comprehensive security scanner for Model Context Protocol (MCP) servers that detects vulnerabilities and security issues in your MCP seβ¦β120Updated last month
- πA cutting edge context aware GraphQL API fuzzing tool!β156Updated this week
- LLM | Security | Operations in one github repo with good links and pictures.β87Updated 2 weeks ago
- future-proof vulnerability detection benchmark, based on CVEs in open-source reposβ64Updated last week
- Secrets scanner that understands codeβ163Updated last month
- Community reconstruction of the legacy JSON NVD Data Feeds. This project uses and redistributes data from the NVD API but is neither endoβ¦β198Updated this week
- An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced struβ¦β90Updated last week
- FastCVE: A Dockerized CVE search tool with API and CLI support for security vulnerability queries.β60Updated 2 weeks ago
- https://arxiv.org/abs/2412.02776β67Updated last year
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context Pβ¦β134Updated 7 months ago
- We present MAPTA, a multi-agent system for autonomous web application security assessment that combines large language model orchestratioβ¦β87Updated 4 months ago
- Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target systemβ¦β348Updated 3 months ago
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. Tβ¦β55Updated last year
- Browser based Privacy Aware SBoM Explorationβ27Updated 2 weeks ago