Vulnhuntr leverages the power of LLMs to automatically create and analyze entire code call chains starting from remote user input and ending at server output for detection of complex, multi-step, security-bypassing vulnerabilities that go far beyond what traditional static code analysis tools are capable of performing.
See all the details including the Vulnhuntr output for all the 0-days here: Protect AI Vulnhuntr Blog
| Repository | Stars | Vulnerabilities |
|---|---|---|
| ComfyUI | 64k | XSS |
| FastChat | 50k | SSRF |
| Ragflow | 35k | RCE |
| REDACTED | 29k | RCE, IDOR |
| REDACTED | 20k | SSRF |
| Ragflow | 16k | RCE |
| REDACTED | 19k | AFO |
| REDACTED | 12k | AFO, IDOR |
Important
Vulnhuntr strictly requires Python 3.10 because of a number of bugs in Jedi which it uses to parse Python code. It will not work reliably if installed with any other versions of Python.
We recommend using pipx or Docker to easily install and run Vulnhuntr.
Using Docker:
docker build -t vulnhuntr https://github.com/protectai/vulnhuntr.git#main Using pipx:
pipx install git+https://github.com/protectai/vulnhuntr.git Alternatively you can install directly from source using poetry:
git clone https://github.com/protectai/vulnhuntr
cd vulnhuntr && poetry install This tool is designed to analyze a GitHub repository for potential remotely exploitable vulnerabilities. The tool requires an API key for the LLM service (GPT or Claude) and the URL of the GitHub repository or the path to a local folder.
usage: vulnhuntr.py [-h] -r ROOT [-a ANALYZE] [-l {claude,gpt}] [-v]
Analyze a GitHub project for vulnerabilities. Export your ANTHROPIC_API_KEY before running.
options:
-h, --help show this help message and exit
-r ROOT, --root ROOT Path to the root directory of the project
-a ANALYZE, --analyze ANALYZE
Specific path or file within the project to analyze
-l {claude,gpt}, --llm {claude,gpt}
LLM client to use (default: claude)
-v, --verbosity Increase output verbosity (-v for INFO, -vv for DEBUG) For more information click here.
MySQL is the most popular open-source relational database management system. It is fast, reliable, and a…
Git is the most widely used version control system in the world. It was created by…
Go (also called Golang) is an open-source programming language built by Google. It is designed to…
Visual Studio CodeĀ (VS Code) is an open-source code editor developed by Microsoft. It is one…
Nginx (pronounced "engine x") is an open-source, high-performance web server and reverse proxy. It is used…
Apache is one of the most widely used open-source web servers in the world. It is…