Stars
A containerized Model Context Protocol (MCP) server providing static code analysis using Joern's Code Property Graph (CPG) with support for Java, C/C++, JavaScript, Python, Go, Kotlin, C#, Ghidra, …
Open-source AI agents for penetration testing
🌐 Make websites accessible for AI agents. Automate tasks online with ease.
MDG-based static vulnerability scanner specialized in analyzing npm packages and detecting taint-style and prototype pollution vulnerabilities.
This tool is an automated PWN exploitation framework designed for CTF competitions and binary vulnerability exploitation. It integrates various exploitation techniques such as stack overflow and fo…
闭源系统半自动漏洞挖掘工具,针对 jar/war/zip 进行静态代码分析,输出从source到sink的可达路径。LLM将验证路径可达性,并根据上下文给出该路径可信分数
A Systematic Literature Review on Large Language Models for Automated Program Repair
Allows to check regexes for overlaps. Based on greenery by @qntm.
jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security v…
Bug Bounty Tricks and useful payloads and bypasses for Web Application Security.
Simple JavaScript testing framework for browsers and node.js
A curated list of GPT agents for cybersecurity
A continuously updated collection of CodeLLM papers maintained by PurCL group @ Purdue
Academic Papers about LLM Application on Security
📡 PoC auto collect from GitHub.
Course materials for Modern Binary Exploitation by RPISEC
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Neural Code Intelligence Survey 2024-25; Reading lists and resources
Dictionary of attack patterns and primitives for black-box application fault injection and resource discovery.