shivasurya / code-pathfinderLinks
AI-Native Static Code Analysis for modern security teams. Built for finding vulnerabilities, advanced structural search, derive insights and supports MCP
☆97Updated this week
Alternatives and similar repositories for code-pathfinder
Users that are interested in code-pathfinder are comparing it to the libraries listed below
Sorting:
- Deptective automatically determines the native dependencies required to run any arbitrary program or command.☆127Updated last month
- A tool to automatically detect copy+pasted and vendored code between repositories☆74Updated last week
- Security tool against dependency typosquatting attacks☆54Updated this week
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆84Updated last week
- MCP security wrapper☆207Updated 2 months ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆42Updated last year
- Prevent merging of malicious code in pull requests☆252Updated 3 weeks ago
- Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system…☆349Updated 3 months ago
- Metis is an open-source, AI-driven tool for deep security code review☆461Updated last week
- Use LLMs for document ranking☆164Updated 9 months ago
- Sandboxed devcontainer for running Claude Code in bypass mode safely. Built for security audits and untrusted code review.☆161Updated last week
- Data about all known supply-chain attacks through history☆63Updated 8 months ago
- A very simple open source implementation of Google's Project Naptime☆184Updated 10 months ago
- An OpenAI API Compatible Honeypot Gateway☆17Updated 10 months ago
- Automatic Exploit Generation with LLMs☆499Updated last week
- Trail of Bits Testing Handbook - appsec.guide☆92Updated last week
- MCP Snitch is a macOS application that intercepts and monitors MCP server communications, providing security analysis, access control, an…☆93Updated 3 months ago
- SAST + LLM Interprocedural Context Extractor☆176Updated 3 months ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆159Updated last year
- Fast and easy to use CLI-based file encryption program 📦☆13Updated 3 months ago
- ☆76Updated 3 months ago
- Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of h…☆72Updated 11 months ago
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆141Updated 11 months ago
- Manager of 14 third-party sources comprising approximately 4,000 Semgrep rules 🗂☆97Updated last month
- SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results☆44Updated last month
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context P…☆137Updated 8 months ago
- Secure Code Review AI Agent (SeCoRA) - AI SAST☆54Updated last year
- Automated vulnerability discovery and annotation☆68Updated last year
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T…☆58Updated last year
- A CLI tool for managing DigitalOcean droplets with automated setup, SSH configuration, and lifecycle management.☆36Updated this week