lambdasec / autogrepLinks
Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of high-quality security rules without manual curation.
☆60Updated 10 months ago
Alternatives and similar repositories for autogrep
Users that are interested in autogrep are comparing it to the libraries listed below
Sorting:
- A very simple open source implementation of Google's Project Naptime☆176Updated 9 months ago
- SAST + LLM Interprocedural Context Extractor☆169Updated 2 months ago
- Metis is an open-source, AI-driven tool for deep security code review☆429Updated this week
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆41Updated last year
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆78Updated last week
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆138Updated 10 months ago
- AI agent for autonomous cyber operations☆451Updated 3 weeks ago
- We present MAPTA, a multi-agent system for autonomous web application security assessment that combines large language model orchestratio…☆84Updated 4 months ago
- A collection of permissively licensed Semgrep rules.☆19Updated last year
- XBOW Validation Benchmarks☆411Updated 6 months ago
- Trail of Bits Testing Handbook - appsec.guide☆87Updated this week
- A comprehensive list of software composition analysis tools.☆159Updated 2 months ago
- CodeQL queries developed by Trail of Bits☆137Updated last week
- future-proof vulnerability detection benchmark, based on CVEs in open-source repos☆63Updated this week
- Data about all known supply-chain attacks through history☆63Updated 7 months ago
- Automated web vulnerability scanning with LLM agents☆443Updated 6 months ago
- Manager of third-party sources of Semgrep rules 🗂☆92Updated last year
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆286Updated last week
- Raptor turns Claude Code into a general-purpose AI offensive/defensive security agent. By using Claude.md and creating rules, sub-agents,…☆897Updated this week
- Secure Code Review AI Agent (SeCoRA) - AI SAST☆54Updated 10 months ago
- A compilation of Software Supply Chain Security resources including initiatives, standards, regulations, organizations, vendors, tooling,…☆139Updated last year
- A collection of Semgrep rules which followed security guidelines for .NET and Java.☆23Updated 4 years ago
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T…☆56Updated last year
- Semgrep queries developed by Trail of Bits.☆462Updated last month
- Vulnerability database and package search for sources such as Linux, OSV, NVD, GitHub and npm. Powered by sqlite, CVE 5.2, purl, and vers…☆133Updated last week
- AI-powered workflow automation and AI Agents platform for AppSec, Fuzzing & Offensive Security. Automate vulnerability discovery with int…☆660Updated last month
- 🔍A cutting edge context aware GraphQL API fuzzing tool!☆156Updated last week
- Top 10 for Agentic AI (AI Agent Security) serves as the core for OWASP and CSA Red teaming work☆158Updated 2 months ago
- ☆101Updated last month
- Community reconstruction of the legacy JSON NVD Data Feeds. This project uses and redistributes data from the NVD API but is neither endo…☆193Updated last week