A tool to identify remotely exploitable vulnerabilities using LLMs and static code analysis.

Autonomous AI-discovered 0day vulnerabilities

Vulnhuntrs is a security analysis tool designed to detect vulnerabilities in applications. It provides static analysis capabilities to identify potential security issues in your codebase.

Features

  • Static code analysis for security vulnerabilities
  • Support for multiple programming languages
  • Detailed vulnerability reports
  • Example vulnerable applications for testing

Installation

# Clone the repository
git clone https://github.com/HikaruEgashira/vulnhuntrs.git
cd vulnhuntrs

# Build the project
cargo build --release

Usage

vulnhuntrs -r <path-to-project>

Example Applications

The repository includes example vulnerable applications to demonstrate the tool's capabilities:

  • Python app (example/python-vulnerable-app) + Claude 3.5 Sonnet 20241022
    export ANTHROPIC_API_KEY=your-api-key
    cargo run -- -r example/python-vulnerable-app
  • Rust app (example/rust-vulnerable-app) + GPT-4o-latest
    export OPENAI_API_KEY=your-api-key
    cargo run -- -r example/rust-vulnerable-app -m gpt-4o

These examples are for educational purposes only. Do not use them in production environments.

Documentation

  • See DEVELOPMENT.md for development guidelines and contributing information
  • Check the example/ directory for sample vulnerable applications

Security

This tool is intended for security research and educational purposes only. Do not use the example vulnerable applications in production environments.

License

AGPL 3.0

Acknowledgements

This project was inspired by protectai/vulnhunter.