Best AI tools for< Find Security Vulnerabilities >

VIDOC is an AI-powered security engineer that automates code review and penetration testing. It continuously scans and reviews code to detect and fix security issues, helping developers deliver secure software faster. VIDOC is easy to use, requiring only two lines of code to be added to a GitHub Actions workflow. It then takes care of the rest, providing developers with a tailored code solution to fix any issues found.

Escape is an API Security Platform that focuses on automated API discovery and security. It offers features such as proactively detecting security flaws, CI/CD integration, API discovery and inventory, secure data protection, compliance management, tailored remediations, and more. The platform helps users gain full security observability, find business logic flaws before production, and integrate security into their workflows. Escape aims to simplify compliance management and provide developer-friendly remediations to enhance API security.

GitHub is the world's leading AI-powered developer platform that offers a wide range of tools and features to enhance the developer experience. It provides automation for workflows, security features to find and fix vulnerabilities, instant development environments, AI-powered code assistance with GitHub Copilot, code review and management capabilities, issue tracking, collaboration tools, and more. GitHub empowers developers to accelerate innovation and collaborate efficiently, making it a go-to platform for individuals, teams, and organizations in the software development industry.

Vectra AI is a leading AI security platform that helps organizations stop advanced cyber attacks by providing an integrated signal for extended detection and response (XDR). The platform arms security analysts with real-time intelligence to detect, prioritize, investigate, and respond to threats across network, identity, cloud, and managed services. Vectra AI's AI-driven detections and Attack Signal Intelligence enable organizations to protect against various attack types and emerging threats, enhancing cyber resilience and reducing risks in critical infrastructure, cloud environments, and remote workforce scenarios. Trusted by over 1100 enterprises worldwide, Vectra AI is recognized for its expertise in AI security and its ability to stop sophisticated attacks that other technologies may miss.

PimEyes is an online face search engine that uses face recognition technology to find pictures containing given faces. It is a great tool to audit copyright infringement, protect your privacy, and find people.

usefind.ai is a website that helps users search and find information efficiently. It verifies human users before allowing access, ensuring security. The platform may take a few seconds to review the connection's security. Users are required to enable JavaScript and cookies to proceed. Performance and security are managed by Cloudflare.

ArcadianAI is a modern security monitoring platform that offers easy and affordable solutions for businesses and individuals. The platform provides security cameras, crime maps, and a 30-day free trial for users to experience its features. ArcadianAI uses AI technology for intrusion detection, smart alerts analytics, AI heatmaps search, and AI detection of people. The platform aims to enhance security measures by intelligently contextualizing, analyzing, and safeguarding premises in real-time using existing CCTV footage.

FaceCheck.ID is a facial recognition AI technology-powered search engine that allows users to upload a photo of a person to discover their social media profiles, appearances in blogs, videos, news websites, and more. It helps users verify the authenticity of individuals, avoid dangerous criminals, keep their families safe, and avoid becoming victims of various scams and crimes. The tool is designed to assist in identifying and uncovering information about individuals based on their facial features, with a focus on safety and security.

OpenBuckets is a web application designed to help users find and secure open buckets in cloud storage systems. It provides a user-friendly interface for scanning and identifying publicly accessible buckets, allowing users to take necessary actions to secure their data. With OpenBuckets, users can easily detect misconfigured buckets and prevent potential data breaches. The application offers a simple yet effective solution for enhancing cloud security and protecting sensitive information stored in cloud storage platforms.

Theresanaiforthat.com is a website that provides a platform for users to verify their identity as human users before accessing the content. The site ensures security by reviewing the connection and requires enabling JavaScript and cookies for continued access. It utilizes Cloudflare for performance and security measures.

ScaDS.AI (Center for Scalable Data Analytics and Artificial Intelligence) is a research center focusing on Data Science, Artificial Intelligence, and Big Data with locations in Dresden and Leipzig. It is one of the five new AI centers in Germany funded under the federal government's AI strategy by the Federal Ministry of Education and Research and the Free State of Saxony. The center collaborates closely with TUD Dresden University of Technology and Leipzig University, aiming to bridge the gap between mass data utilization, knowledge management, and advanced AI methods.

Shieldbase is an AI-powered enterprise search tool designed to provide secure and efficient search capabilities for businesses. It utilizes advanced artificial intelligence algorithms to index and retrieve information from various data sources within an organization, ensuring quick and accurate search results. With a focus on security, Shieldbase offers encryption and access control features to protect sensitive data. The platform is user-friendly and customizable, making it easy for businesses to implement and integrate into their existing systems. Shieldbase enhances productivity by enabling employees to quickly find the information they need, ultimately improving decision-making processes and overall operational efficiency.

Spottr is an advanced AI-powered video search tool that revolutionizes content navigation by enabling users to find specific moments in vast video archives within seconds. With sophisticated algorithms and natural language processing, Spottr offers context-aware search results and infinite video length handling capabilities. The application is ideal for various industries such as investigation, wildlife monitoring, video production, and more. Spottr eliminates the need for endless scrolling through footage, making it a valuable tool for both small businesses and large enterprises.

TenderCrunch is an RFP response management software that helps businesses streamline their tenders and win more deals. It provides a centralized library to store and organize all the information needed to respond to RFPs, RFIs, DDQs, and security questionnaires. TenderCrunch also uses AI to help users find the right answer in seconds, collaborate with their team, and answer questions automatically. As a result, businesses can save time, improve the accuracy of their responses, and win more deals.

PyjamaHR is a leading AI-powered Applicant Tracking System (ATS) and recruitment software designed to streamline the hiring process for businesses of all sizes. It offers advanced features such as source management, candidate evaluation, collaboration tools, and AI-powered candidate tests to enhance the efficiency and effectiveness of the recruitment process. With a user-friendly interface and robust security measures, PyjamaHR is a trusted solution for managing talent acquisition and improving hiring outcomes.

Pic A Pet Name is a unique online platform that utilizes advanced AI algorithms to help pet owners find the perfect name for their furry friends. By simply uploading a photo of your pet, the system generates a list of name suggestions that suit your pet's appearance and personality. In addition to name generation, the platform also offers a pet avatar creation feature, allowing users to transform their pet's photo into a custom, AI-generated avatar in various artistic styles. Pic A Pet Name prioritizes the privacy and security of user data, ensuring that uploaded pet photos are only used for name generation purposes.

Wrangle is an AI-powered job search and resume builder platform designed to help job seekers find jobs faster and more efficiently. The platform offers personalized AI copilot assistance, extensive job information, resume creation tools, job tracking features, and a learning algorithm to improve job matches. Wrangle provides a user-friendly experience with a focus on data security and no ads or subscriptions.

Saner.ai is an AI-powered note-taking app that helps you find what you search for, bring back knowledge you forgot, and develop insights without context switching. It features a powerful import tool, focus mode, natural language search, citation, list, and graph views, AI writing assistance, hierarchical folders, hardened security, robust integration, offline sync, and versatile templates. Saner.ai is free to use and is perfect for entrepreneurs, ADHDr, learners, and creators.

RquestR is an AI-powered knowledge management platform designed specifically for procurement professionals. It streamlines projects, enables instant answers retrieval, and facilitates informed decision-making. The platform offers features such as intelligent document querying, automated Q&A generation, and knowledge base building. RquestR helps in reducing response time by up to 40% and enhancing decision-making accuracy by 30%. It provides a centralized knowledge hub for managing RFPs, security questionnaires, and Q&As, all while ensuring enterprise-grade security. The platform revolutionizes the procurement process by leveraging advanced AI for lightning-fast information retrieval, accurate responses, and adaptive learning.

Rapid Claims AI is an autonomous medical coding and documentation solution powered by AI technology. It aims to streamline medical coding operations, reduce administrative costs, improve reimbursements, and ensure compliance for healthcare providers. The platform offers features like automated coding, personalized solutions, actionable insights, and customizable AI rule sets. Rapid Claims AI is designed to seamlessly integrate into existing workflows, catering to various healthcare setups and specialties. The application prioritizes security and privacy, with data encryption and secure cloud storage. It serves as a valuable tool for enhancing revenue cycle management processes in the healthcare industry.

code2prompt is a command-line tool that converts your codebase into a single LLM prompt with a source tree, prompt templating, and token counting. It automates generating LLM prompts from codebases of any size, customizing prompt generation with Handlebars templates, respecting .gitignore, filtering and excluding files using glob patterns, displaying token count, including Git diff output, copying prompt to clipboard, saving prompt to an output file, excluding files and folders, adding line numbers to source code blocks, and more. It helps streamline the process of creating LLM prompts for code analysis, generation, and other tasks.

hackingBuddyGPT is a framework for testing LLM-based agents for security testing. It aims to create common ground truth by creating common security testbeds and benchmarks, evaluating multiple LLMs and techniques against those, and publishing prototypes and findings as open-source/open-access reports. The initial focus is on evaluating the efficiency of LLMs for Linux privilege escalation attacks, but the framework is being expanded to evaluate the use of LLMs for web penetration-testing and web API testing. hackingBuddyGPT is released as open-source to level the playing field for blue teams against APTs that have access to more sophisticated resources.

Awesome GPT + Security is a curated list of awesome security tools, experimental case or other interesting things with LLM or GPT. It includes tools for integrated security, auditing, reconnaissance, offensive security, detecting security issues, preventing security breaches, social engineering, reverse engineering, investigating security incidents, fixing security vulnerabilities, assessing security posture, and more. The list also includes experimental cases, academic research, blogs, and fun projects related to GPT security. Additionally, it provides resources on GPT security standards, bypassing security policies, bug bounty programs, cracking GPT APIs, and plugin security.

Academic_LLM_Sec_Papers is a curated collection of academic papers related to LLM Security Application. The repository includes papers sorted by conference name and published year, covering topics such as large language models for blockchain security, software engineering, machine learning, and more. Developers and researchers are welcome to contribute additional published papers to the list. The repository also provides information on listed conferences and journals related to security, networking, software engineering, and cryptography. The papers cover a wide range of topics including privacy risks, ethical concerns, vulnerabilities, threat modeling, code analysis, fuzzing, and more.

GhidrOllama is a script that interacts with Ollama's API to perform various reverse engineering tasks within Ghidra. It supports both local and remote instances of Ollama, providing functionalities like explaining functions, suggesting names, rewriting functions, finding bugs, and automating analysis of specific functions in binaries. Users can ask questions about functions, find vulnerabilities, and receive explanations of assembly instructions. The script bridges the gap between Ghidra and Ollama models, enhancing reverse engineering capabilities.

Awesome LLM for APR is a repository dedicated to exploring the capabilities of Large Language Models (LLMs) in Automated Program Repair (APR). It provides a comprehensive collection of research papers, tools, and resources related to using LLMs for various scenarios such as repairing semantic bugs, security vulnerabilities, syntax errors, programming problems, static warnings, self-debugging, type errors, web UI tests, smart contracts, hardware bugs, performance bugs, API misuses, crash bugs, test case repairs, formal proofs, GitHub issues, code reviews, motion planners, human studies, and patch correctness assessments. The repository serves as a valuable reference for researchers and practitioners interested in leveraging LLMs for automated program repair.

AIShield Watchtower is a tool designed to fortify the security of AI/ML models and Jupyter notebooks by automating model and notebook discoveries, conducting vulnerability scans, and categorizing risks into 'low,' 'medium,' 'high,' and 'critical' levels. It supports scanning of public GitHub repositories, Hugging Face repositories, AWS S3 buckets, and local systems. The tool generates comprehensive reports, offers a user-friendly interface, and aligns with industry standards like OWASP, MITRE, and CWE. It aims to address the security blind spots surrounding Jupyter notebooks and AI models, providing organizations with a tailored approach to enhancing their security efforts.

OpenShield is a firewall designed for AI models to protect against various attacks such as prompt injection, insecure output handling, training data poisoning, model denial of service, supply chain vulnerabilities, sensitive information disclosure, insecure plugin design, excessive agency granting, overreliance, and model theft. It provides rate limiting, content filtering, and keyword filtering for AI models. The tool acts as a transparent proxy between AI models and clients, allowing users to set custom rate limits for OpenAI endpoints and perform tokenizer calculations for OpenAI models. OpenShield also supports Python and LLM based rules, with upcoming features including rate limiting per user and model, prompts manager, content filtering, keyword filtering based on LLM/Vector models, OpenMeter integration, and VectorDB integration. The tool requires an OpenAI API key, Postgres, and Redis for operation.

Awesome-Jailbreak-on-LLMs is a collection of state-of-the-art, novel, and exciting jailbreak methods on Large Language Models (LLMs). The repository contains papers, codes, datasets, evaluations, and analyses related to jailbreak attacks on LLMs. It serves as a comprehensive resource for researchers and practitioners interested in exploring various jailbreak techniques and defenses in the context of LLMs. Contributions such as additional jailbreak-related content, pull requests, and issue reports are welcome, and contributors are acknowledged. For any inquiries or issues, contact [email protected]. If you find this repository useful for your research or work, consider starring it to show appreciation.

Analyze the following text from a github repository (name and readme text at end) . Then, generate a JSON object with the following keys and provide the corresponding information for each key, in lowercase letters: 'description' (detailed description of the repo, must be less than 400 words，Ensure that no line breaks and quotation marks.),'for_jobs' (List 5 jobs suitable for this tool,in lowercase letters), 'ai_keywords' (keywords of the tool,user may use those keyword to find the tool,in lowercase letters), 'for_tasks' (list of 5 specific tasks user can use this tool to do,in lowercase letters), 'answer' (in english languages)

LLM-PLSE-paper is a repository focused on the applications of Large Language Models (LLMs) in Programming Language and Software Engineering (PL/SE) domains. It covers a wide range of topics including bug detection, specification inference and verification, code generation, fuzzing and testing, code model and reasoning, code understanding, IDE technologies, prompting for reasoning tasks, and agent/tool usage and planning. The repository provides a comprehensive collection of research papers, benchmarks, empirical studies, and frameworks related to the capabilities of LLMs in various PL/SE tasks.

Jailbreak is a comprehensive guide exploring iOS 17 and its various versions, discussing the benefits, status, possibilities, and future impact of jailbreaking iOS devices. It covers topics such as preparation, safety measures, differences between tethered and untethered jailbreaks, best practices, and FAQs. The guide also provides information on specific jailbreak tools like Palera1n, Serotonin, NekoJB, Redensa, and Dopamine, along with their features and download links. Users can learn about supported devices, the latest updates, and the status of jailbreaking for different iOS versions. The tool aims to empower users to unlock new possibilities and customize their devices beyond Apple's restrictions.

Open AI is a powerful tool for artificial intelligence research and development. It provides a wide range of machine learning models and algorithms, making it easier for developers to create innovative AI applications. With Open AI, users can explore cutting-edge technologies such as natural language processing, computer vision, and reinforcement learning. The platform offers a user-friendly interface and comprehensive documentation to support users in building and deploying AI solutions. Whether you are a beginner or an experienced AI practitioner, Open AI offers the tools and resources you need to accelerate your AI projects and stay ahead in the rapidly evolving field of artificial intelligence.

Laragenie is an AI chatbot designed to understand and assist developers with their codebases. It runs on the command line from a Laravel app, helping developers onboard to new projects, understand codebases, and provide daily support. Laragenie accelerates workflow and collaboration by indexing files and directories, allowing users to ask questions and receive AI-generated responses. It supports OpenAI and Pinecone for processing and indexing data, making it a versatile tool for any repo in any language.

This repository contains a comprehensive collection of 63 must-know Large Language Models (LLMs) interview questions. It covers topics such as the architecture of LLMs, transformer models, attention mechanisms, training processes, encoder-decoder frameworks, differences between LLMs and traditional statistical language models, handling context and long-term dependencies, transformers for parallelization, applications of LLMs, sentiment analysis, language translation, conversation AI, chatbots, and more. The readme provides detailed explanations, code examples, and insights into utilizing LLMs for various tasks.

Airbyte is an open-source data integration platform that makes it easy to move data from any source to any destination. With Airbyte, you can build and manage data pipelines without writing any code. Airbyte provides a library of pre-built connectors that make it easy to connect to popular data sources and destinations. You can also create your own connectors using Airbyte's low-code Connector Development Kit (CDK). Airbyte is used by data engineers and analysts at companies of all sizes to move data for a variety of purposes, including data warehousing, data analysis, and machine learning.

Introducing IAC Code Guardian: Your Trusted IaC Security Expert in Scanning Opentofu, Terrform, AWS Cloudformation, Pulumi, K8s Yaml & Dockerfile

Answers all reverse engineering queries.

Expert in API Security Testing

Expert in CVEs and cybersecurity vulnerabilities, providing precise information from the National Vulnerability Database.

Auditor for Solidity contracts, focusing on security, bug-finding and gas efficiency.

Engagingly clarifies web security topics with interactive questions.

Creates Application Security Test cases in YAML

Expert in BloodHound CE, Cypher, SharpHound, and related tech

Expert in ethical hacking, leveraging https://pentestbook.six2dez.com/ and https://book.hacktricks.xyz resources for CTFs and challenges.

Asistente de código y pentesting

HackingPT is a specialized language model focused on cybersecurity and penetration testing, committed to providing precise and in-depth insights in these fields.

A cybersecurity expert aiding in penetration testing. Check repo: https://github.com/GreyDGL/PentestGPT

This GPT takes in content related to an application, such as HTTP traffic, JavaScript files, source code, etc., and outputs lists of URLs that can be used for further testing.

A cryptic, enigmatic GPT guarding a secret key

Ask me to recommend a plugin or script from the official Hex-Rays plugin repository

Guides on staying safe.

Your AI OSINT assistant. Our tool helps you find the data needle in the internet haystack.

Who let the dogs out? Who stole your favorite toy? Who moved my cheese? Let’s find out!

Play as a detective to investigate the case and find out the truth.

An automated cyber threat intelligence expert configured and trained by Bob Gourley. Pls provide feedback. Find Bob on X at @bobgourley