shivasurya / code-pathfinderLinks
Code Pathfinder, the open-source alternative to GitHub CodeQL built with GoLang. Built for advanced structural search, derive insights, find vulnerabilities in code.
☆67Updated this week
Alternatives and similar repositories for code-pathfinder
Users that are interested in code-pathfinder are comparing it to the libraries listed below
Sorting:
- Deptective automatically determines the native dependencies required to run any arbitrary program or command.☆120Updated last week
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆72Updated 2 weeks ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆40Updated 9 months ago
- MCP security wrapper☆182Updated last week
- Trail of Bits Testing Handbook☆79Updated last month
- A tool to automatically detect copy+pasted and vendored code between repositories☆68Updated last week
- Use LLMs for document ranking☆148Updated 5 months ago
- Security tool against dependency typosquatting attacks☆54Updated last week
- A powerful Python library and CLI tool for parsing, analyzing, and manipulating YARA rules through Abstract Syntax Tree (AST) representat…☆28Updated last month
- A very simple open source implementation of Google's Project Naptime☆169Updated 5 months ago
- ☆72Updated last month
- Detecting Inconsistencies in Feature or Function Evaluations of Requirements☆67Updated last year
- Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system…☆340Updated last month
- An OpenAI API Compatible Honeypot Gateway☆16Updated 6 months ago
- SARIF Explorer: A VSCode extension that helps you visualize and triage static analysis results☆33Updated last month
- Automated vulnerability discovery and annotation☆67Updated last year
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆74Updated 2 years ago
- Prevent merging of malicious code in pull requests☆232Updated 5 months ago
- Modular framework for file information extraction and dependency analysis to generate accurate SBOMs☆34Updated last week
- Code for the paper "Defeating Prompt Injections by Design"☆108Updated 2 months ago
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context P…☆130Updated 3 months ago
- SAST + LLM Interprocedural Context Extractor☆103Updated 3 weeks ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆153Updated 9 months ago
- Manager of third-party sources of Semgrep rules 🗂☆87Updated last year
- Focused malicious code detection ruleset, with a high protection-to-noise ratio☆127Updated 6 months ago
- CodeQL queries developed by Trail of Bits☆118Updated this week
- Secure Code Review AI Agent (SeCoRA) - AI SAST☆49Updated 7 months ago
- Reverse engineering assistant that uses a locally running LLM to aid with pseudo-code analysis.☆90Updated last week
- ☆69Updated 3 months ago
- A Completely Modular LLM Reverse Engineering, Red Teaming, and Vulnerability Research Framework.☆50Updated 10 months ago