.webp "Arena-Hard-Auto : Advancing LLM Evaluation With Style Control Integration")
.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
Vulnhuntr leverages the power of LLMs to automatically create and analyze entire code call chains starting from remote user input and ending at server output for detection of complex, multi-step, security-bypassing vulnerabilities that go far beyond what traditional static code analysis tools are capable of performing.
See all the details including the Vulnhuntr output for all the 0-days here: Protect AI Vulnhuntr Blog
Vulnerabilities Found
| Repository | Stars | Vulnerabilities |
|---|---|---|
| ComfyUI | 64k | XSS |
| FastChat | 50k | SSRF |
| Ragflow | 35k | RCE |
| REDACTED | 29k | RCE, IDOR |
| REDACTED | 20k | SSRF |
| Ragflow | 16k | RCE |
| REDACTED | 19k | AFO |
| REDACTED | 12k | AFO, IDOR |
Limitations
- Only Python codebases are supported.
- Can only identify the following vulnerability classes:
- Local file include (LFI)
- Arbitrary file overwrite (AFO)
- Remote code execution (RCE)
- Cross site scripting (XSS)
- SQL Injection (SQLI)
- Server side request forgery (SSRF)
- Insecure Direct Object Reference (IDOR)
Installation
Important
Vulnhuntr strictly requires Python 3.10 because of a number of bugs in Jedi which it uses to parse Python code. It will not work reliably if installed with any other versions of Python.
We recommend using pipx or Docker to easily install and run Vulnhuntr.
Using Docker:
docker build -t vulnhuntr https://github.com/protectai/vulnhuntr.git#mainUsing pipx:
pipx install git+https://github.com/protectai/vulnhuntr.gitAlternatively you can install directly from source using poetry:
git clone https://github.com/protectai/vulnhuntr
cd vulnhuntr && poetry installUsage
This tool is designed to analyze a GitHub repository for potential remotely exploitable vulnerabilities. The tool requires an API key for the LLM service (GPT or Claude) and the URL of the GitHub repository or the path to a local folder.
Command Line Interface
usage: vulnhuntr.py [-h] -r ROOT [-a ANALYZE] [-l {claude,gpt}] [-v]
Analyze a GitHub project for vulnerabilities. Export your ANTHROPIC_API_KEY before running.
options:
-h, --help show this help message and exit
-r ROOT, --root ROOT Path to the root directory of the project
-a ANALYZE, --analyze ANALYZE
Specific path or file within the project to analyze
-l {claude,gpt}, --llm {claude,gpt}
LLM client to use (default: claude)
-v, --verbosity Increase output verbosity (-v for INFO, -vv for DEBUG)For more information click here.
