Skip to content
/ vulnhuntrs Public

Alternative vulnhuntr + Rust implementation + tree-sitter multilingual support

License

AGPL-3.0 license
21 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

HikaruEgashira/vulnhuntrs

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

59 Commits
.devcontainer
.devcontainer
 
 
cline_docs
cline_docs
 
 
docs
docs
 
 
example
example
 
 
snapshots
snapshots
 
 
src
src
 
 
tree-sitter-go @ 12fe553
tree-sitter-go @ 12fe553
 
 
tree-sitter-java @ 94703d5
tree-sitter-java @ 94703d5
 
 
tree-sitter-javascript @ 108b2d4
tree-sitter-javascript @ 108b2d4
 
 
tree-sitter-python @ bffb65a
tree-sitter-python @ bffb65a
 
 
tree-sitter-rust @ 1f63b33
tree-sitter-rust @ 1f63b33
 
 
tree-sitter-typescript @ 8e13e1d
tree-sitter-typescript @ 8e13e1d
 
 
.gitignore
.gitignore
 
 
.gitmodules
.gitmodules
 
 
.mise.toml
.mise.toml
 
 
Cargo.lock
Cargo.lock
 
 
Cargo.toml
Cargo.toml
 
 
DEVELOPMENT.md
DEVELOPMENT.md
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
analyze-python.png
analyze-python.png
 
 
build.rs
build.rs
 
 
logo.png
logo.png
 
 

Repository files navigation

Vulnhuntrs Logo

A tool to identify remotely exploitable vulnerabilities using LLMs and static code analysis.

Autonomous AI-discovered 0day vulnerabilities

Vulnhuntrs is a security analysis tool designed to detect vulnerabilities in applications. It provides static analysis capabilities to identify potential security issues in your codebase.

Features

  • Static code analysis for security vulnerabilities
  • Support for multiple programming languages
  • Detailed vulnerability reports
  • Example vulnerable applications for testing

analyze-python

Installation

# Clone the repository
git clone https://github.com/HikaruEgashira/vulnhuntrs.git

# Build the project
cargo build --release

Usage

vulnhuntrs -r <path-to-project>

Example Applications

The repository includes example vulnerable applications to demonstrate the tool's capabilities:

  • Python app(example/python-vulnerable-app) + gpt-4o-0806
export OPENAI_API_KEY=your-api-key
cargo run -- -r example/python-vulnerable-app
  • Rust app(example/rust-vulnerable-app) + gpt-4o-mini
export OPENAI_API_KEY=your-api-key
cargo run -- -r example/rust-vulnerable-app -m gpt-4o-mini

These examples are for educational purposes only. Do not use them in production environments.

Security

This tool is intended for security research and educational purposes only. Do not use the example vulnerable applications in production environments.

License

AGPL 3.0

Acknowledgements

This project was inspired by the protectai/vulnhunter.

About

Alternative vulnhuntr + Rust implementation + tree-sitter multilingual support

Topics

security ai static-analysis vulnerability-detection llm

Resources

Readme

License

AGPL-3.0 license
Activity

Stars

21 stars

Watchers

2 watching

Forks

1 fork
Report repository

Contributors 4

  •  
  •  
  •  
  •  

Languages