Vulnhuntr leverages the power of LLMs to automatically create and analyze entire code call chains starting from remote user input and ending at server output for detection of complex, multi-step, security-bypassing vulnerabilities that go far beyond what traditional static code analysis tools are capable of performing.
See all the details including the Vulnhuntr output for all the 0-days here: Protect AI Vulnhuntr Blog
Repository | Stars | Vulnerabilities |
---|---|---|
ComfyUI | 64k | XSS |
FastChat | 50k | SSRF |
Ragflow | 35k | RCE |
REDACTED | 29k | RCE, IDOR |
REDACTED | 20k | SSRF |
Ragflow | 16k | RCE |
REDACTED | 19k | AFO |
REDACTED | 12k | AFO, IDOR |
Important
Vulnhuntr strictly requires Python 3.10 because of a number of bugs in Jedi which it uses to parse Python code. It will not work reliably if installed with any other versions of Python.
We recommend using pipx or Docker to easily install and run Vulnhuntr.
Using Docker:
docker build -t vulnhuntr https://github.com/protectai/vulnhuntr.git#main
Using pipx:
pipx install git+https://github.com/protectai/vulnhuntr.git
Alternatively you can install directly from source using poetry:
git clone https://github.com/protectai/vulnhuntr
cd vulnhuntr && poetry install
This tool is designed to analyze a GitHub repository for potential remotely exploitable vulnerabilities. The tool requires an API key for the LLM service (GPT or Claude) and the URL of the GitHub repository or the path to a local folder.
usage: vulnhuntr.py [-h] -r ROOT [-a ANALYZE] [-l {claude,gpt}] [-v]
Analyze a GitHub project for vulnerabilities. Export your ANTHROPIC_API_KEY before running.
options:
-h, --help show this help message and exit
-r ROOT, --root ROOT Path to the root directory of the project
-a ANALYZE, --analyze ANALYZE
Specific path or file within the project to analyze
-l {claude,gpt}, --llm {claude,gpt}
LLM client to use (default: claude)
-v, --verbosity Increase output verbosity (-v for INFO, -vv for DEBUG)
For more information click here.
This tool leverages the Process Forking technique using the RtlCreateProcessReflection API to clone the lsass.exe…
In the evolving landscape of cybersecurity, understanding the mechanisms behind vulnerabilities is crucial for both…
Arena-Hard-Auto-v0.1 (See Paper) is an automatic evaluation tool for instruction-tuned LLMs. It contains 500 challenging…
This is a tool for searching Exploits from some Exploit Databases. Exploits are inserted at…
A list of awesome academic researches and industrial materials about Large Language Model (LLM) and…
Thanks for HIBP and this downloader. At first I was considering using it, but the…