shivasurya / code-pathfinderLinks
An open-source security suite aiming to combine structural code analysis with AI-powered vulnerability detection. Built for advanced structural search, derive insights, find vulnerabilities in code.
☆81Updated this week
Alternatives and similar repositories for code-pathfinder
Users that are interested in code-pathfinder are comparing it to the libraries listed below
Sorting:
- Deptective automatically determines the native dependencies required to run any arbitrary program or command.☆122Updated last month
- A very simple open source implementation of Google's Project Naptime☆172Updated 7 months ago
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆72Updated 2 weeks ago
- MCP security wrapper☆196Updated last month
- A tool to automatically detect copy+pasted and vendored code between repositories☆70Updated last month
- Security tool against dependency typosquatting attacks☆54Updated last week
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆41Updated 10 months ago
- Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system…☆342Updated last week
- Use LLMs for document ranking☆151Updated 6 months ago
- An OpenAI API Compatible Honeypot Gateway☆16Updated 7 months ago
- Trail of Bits Testing Handbook☆82Updated last week
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T…☆52Updated 11 months ago
- A powerful Python library and CLI tool for parsing, analyzing, and manipulating YARA rules through Abstract Syntax Tree (AST) representat…☆29Updated 2 months ago
- Automated vulnerability discovery and annotation☆67Updated last year
- Secure Code Review AI Agent (SeCoRA) - AI SAST☆53Updated 8 months ago
- SAST + LLM Interprocedural Context Extractor☆118Updated 2 months ago
- Prevent merging of malicious code in pull requests☆238Updated 7 months ago
- Reverse engineering assistant that uses a locally running LLM to aid with pseudocode analysis.☆101Updated this week
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆74Updated 2 years ago
- ☆72Updated last week
- Unauthenticated enumeration of AWS IAM Roles.☆25Updated last month
- CodeQL queries developed by Trail of Bits☆130Updated last week
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context P…☆133Updated 4 months ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆153Updated 11 months ago
- Web Server Vulnerability Scanning Tool☆36Updated 7 months ago
- A flexible framework for security teams to build and deploy AI-powered workflows that complement their existing security operations.☆133Updated this week
- Manager of third-party sources of Semgrep rules 🗂☆90Updated last year
- Autogrep automates Semgrep rule generation and filtering by using LLMs to analyze vulnerability patches, enabling automatic creation of h…☆51Updated 8 months ago
- ☆69Updated this week
- Data about all known supply-chain attacks through history☆60Updated 5 months ago