shivasurya / code-pathfinderLinks
Code Pathfinder, the open-source alternative to GitHub CodeQL built with GoLang. Built for advanced structural search, derive insights, find vulnerabilities in code.
☆65Updated this week
Alternatives and similar repositories for code-pathfinder
Users that are interested in code-pathfinder are comparing it to the libraries listed below
Sorting:
- Deptective automatically determines the native dependencies required to run any arbitrary program or command.☆117Updated last week
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆71Updated 3 weeks ago
- Trail of Bits Testing Handbook☆78Updated 3 weeks ago
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆40Updated 8 months ago
- Vanir is a source code-based static analysis tool that automatically identifies the list of missing security patches in the target system…☆339Updated last week
- A tool to automatically detect copy+pasted and vendored code between repositories☆61Updated last week
- Use LLMs for document ranking☆145Updated 4 months ago
- MCP security wrapper☆153Updated last week
- Security tool against dependency typosquatting attacks☆53Updated 2 weeks ago
- Automated vulnerability discovery and annotation☆67Updated last year
- Detecting Inconsistencies in Feature or Function Evaluations of Requirements☆67Updated last year
- Unauthenticated enumeration of AWS IAM Roles.☆25Updated 7 months ago
- RedFlag uses AI to identify high-risk code changes. Run it in batch mode for release candidate testing or in CI pipelines to flag PRs and…☆152Updated 9 months ago
- Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption code, password …☆162Updated last year
- A very simple open source implementation of Google's Project Naptime☆165Updated 4 months ago
- Prevent merging of malicious code in pull requests☆230Updated 5 months ago
- EZGHSA is a command-line tool for summarizing and filtering vulnerability alerts on Github repositories.☆35Updated 8 months ago
- Modular framework for file information extraction and dependency analysis to generate accurate SBOMs☆33Updated last week
- SecureMCP is a security auditing tool designed to detect vulnerabilities and misconfigurations in applications using the [Model Context P…☆116Updated 2 months ago
- Reverse engineering assistant that uses a locally running LLM to aid with pseudo-code analysis.☆85Updated last month
- ☆70Updated 2 months ago
- Function callpath mapping analysis tool for Go☆34Updated 5 months ago
- Code Hierarchy Exploration Net (chen)☆21Updated 3 weeks ago
- ☆71Updated 3 weeks ago
- A Completely Modular LLM Reverse Engineering, Red Teaming, and Vulnerability Research Framework.☆50Updated 9 months ago
- CLI tool, Ghidra plug-in, and Haskell library for analyzing binaries using under-constrained symbolic execution☆119Updated last week
- CodeQL queries developed by Trail of Bits☆109Updated 2 months ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆74Updated last year
- Extract +700 technologies from any repository. Detect Languages, SaaS, Cloud, Infrastructure, Dependencies and Services☆321Updated last month
- Manager of third-party sources of Semgrep rules 🗂☆87Updated last year