usnistgov / ai-bugfinder-testbedLinks
A static analyzer powered by AI
☆23Updated last year
Alternatives and similar repositories for ai-bugfinder-testbed
Users that are interested in ai-bugfinder-testbed are comparing it to the libraries listed below
Sorting:
- atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆78Updated last week
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆79Updated last month
- An open-source dataset of malicious software packages found in the wild, 100% vetted by humans.☆286Updated last week
- A fork of Bandit tool with patterns to identifying malicious python code.☆28Updated 3 years ago
- The OpenSSF CVE Benchmark consists of code and metadata for over 200 real life CVEs, as well as tooling to analyze the vulnerable codebas…☆157Updated last year
- ☆30Updated 2 months ago
- future-proof vulnerability detection benchmark, based on CVEs in open-source repos☆63Updated this week
- VFCFinder: Searching for the Missing Vulnerability Fixing Commits☆30Updated 2 years ago
- Code Hierarchy Exploration Net (chen)☆24Updated last week
- A very simple open source implementation of Google's Project Naptime☆176Updated 9 months ago
- A dataset of software supply chain compromises. Please help us maintain it!☆130Updated 3 years ago
- ☆27Updated 2 years ago
- VINCE is the Vulnerability Information and Coordination Environment developed and used by the CERT Coordination Center to improve coordin…☆85Updated 3 weeks ago
- CredData is a set of files including credentials in open source projects. CredData includes suspicious lines with manual review results a…☆52Updated last week
- Modular framework for file information extraction and dependency analysis to generate accurate SBOMs☆37Updated this week
- ☆36Updated last year
- Securibench Micro is a benchmark for static analysis tools for security.☆26Updated 7 years ago
- Security Harness Engineering for Robust Program Analysis☆106Updated 4 months ago
- ChainReactor is a research project that leverages AI planning to discover exploitation chains for privilege escalation on Unix systems. T…☆56Updated last year
- An ever-growing list of resources for data-driven vulnerability assessment and prioritization☆129Updated 2 years ago
- Generate CPG for multiple languages for code and threat analysis☆11Updated 2 years ago
- Monthly CVE Stats☆43Updated 3 weeks ago
- Statically Detecting Vulnerable Data Flows in Browser Extensions at Scale☆78Updated 4 years ago
- 🪐 A Database of Existing Security Vulnerabilities Patches to Enable Evaluation of Techniques (single-commit; multi-language)☆42Updated 8 months ago
- Home page of project "KB"☆131Updated 9 months ago
- The Cloud Property Graph is based on a Code Property Graph and tries to connect static code analysis and Cloud runtime assessment.☆28Updated 11 months ago
- ☆52Updated last year
- 🧪 Correlate Semgrep scans with Python test coverage to prioritize SAST findings and get bug fix suggestions via a self-hosted LLM.☆41Updated last year
- OWASP Ontology-driven Threat Modelling framework☆39Updated 2 years ago
- ☆154Updated 3 months ago