Best AI tools for< Identify Vulnerabilities >
20 - AI tool Sites
NodeZero™ Platform
Horizon3.ai Solutions offers the NodeZero™ Platform, an AI-powered autonomous penetration testing tool designed to enhance cybersecurity measures. The platform combines expert human analysis by Offensive Security Certified Professionals with automated testing capabilities to streamline compliance processes and proactively identify vulnerabilities. NodeZero empowers organizations to continuously assess their security posture, prioritize fixes, and verify the effectiveness of remediation efforts. With features like internal and external pentesting, rapid response capabilities, AD password audits, phishing impact testing, and attack research, NodeZero is a comprehensive solution for large organizations, ITOps, SecOps, security teams, pentesters, and MSSPs. The platform provides real-time reporting, integrates with existing security tools, reduces operational costs, and helps organizations make data-driven security decisions.
Binary Vulnerability Analysis
The website offers an AI-powered binary vulnerability scanner that allows users to upload a binary file for analysis. The tool decompiles the executable, removes filler, formats the code, and checks for vulnerabilities by comparing against a database of historical vulnerabilities. It utilizes a finetuned CodeT5+ Embedding model to generate function-wise embeddings and checks for similarities against the DiverseVul Dataset. The tool also uses SemGrep to identify vulnerabilities in the code.
Giskard
Giskard is a testing platform for AI models that helps protect companies against biases, performance, and security issues in AI models. It offers automated detection of performance, bias, and security issues, unifies AI testing practices, and ensures compliance with the EU AI Act. Giskard provides an open-source Python library for data scientists and an enterprise collaborative hub to control all AI risks in one place. It aims to address the shortcomings of current MLOps tools in handling AI risks and compliance.
ZeroThreat
ZeroThreat is a web app and API security scanner that helps businesses identify and fix vulnerabilities in their web applications and APIs. It uses a combination of static and dynamic analysis techniques to scan for a wide range of vulnerabilities, including OWASP Top 10, CWE Top 25, and SANS Top 25. ZeroThreat also provides continuous monitoring and alerting, so businesses can stay on top of new vulnerabilities as they emerge.
Smaty.xyz
Smaty.xyz is a comprehensive platform that provides a suite of tools for code generation and security auditing. With Smaty.xyz, developers can quickly and easily generate high-quality code in multiple programming languages, ensuring consistency and reducing development time. Additionally, Smaty.xyz offers robust security auditing capabilities, enabling developers to identify and address vulnerabilities in their code, mitigating risks and enhancing the overall security of their applications.
Blue Dot
Blue Dot is a leading AI tax compliance platform that offers solutions for global tax management and VAT recovery. The platform provides a comprehensive view of employee-driven transactions, ensuring tax compliance and reducing vulnerabilities. Blue Dot's technology leverages AI and ML to optimize VAT outcomes and automate the review process for taxable employee benefits. The platform is fully integrated with expense management systems, helping organizations streamline compliance efforts and improve data integrity.
SentinelOne
SentinelOne is an advanced enterprise cybersecurity AI platform that offers a comprehensive suite of AI-powered security solutions for endpoint, cloud, and identity protection. The platform leverages AI technology to anticipate threats, manage vulnerabilities, and protect resources across the enterprise ecosystem. SentinelOne provides real-time threat hunting, managed services, and actionable insights through its unified data lake, empowering security teams to respond effectively to cyber threats. With a focus on automation, efficiency, and value maximization, SentinelOne is a trusted cybersecurity solution for leading enterprises worldwide.
SentinelOne
SentinelOne is an advanced enterprise cybersecurity AI platform that offers a comprehensive suite of AI-powered security solutions for endpoint, cloud, and identity protection. The platform leverages artificial intelligence to anticipate threats, manage vulnerabilities, and protect resources across the entire enterprise ecosystem. With features such as Singularity XDR, Purple AI, and AI-SIEM, SentinelOne empowers security teams to detect and respond to cyber threats in real-time. The platform is trusted by leading enterprises worldwide and has received industry recognition for its innovative approach to cybersecurity.
BigBear.ai
BigBear.ai is a decision intelligence solution provider trusted by leaders in various industries such as government & defense, manufacturing, healthcare, and national security. They offer AI-powered solutions to optimize operational efficiency, supply chains, autonomous systems management, and more. With a focus on national security, digital identity, and supply chain management, BigBear.ai leverages cutting-edge AI, machine learning, and computer vision technologies to address complex challenges and deliver tailored solutions for their customers.
Pl@ntNet
Pl@ntNet is a citizen science project available as an application that helps you identify plants from your photos. It is a collaborative project that brings together scientists, naturalists, and citizens from all over the world to collect and share data on plant diversity. The app uses artificial intelligence to identify plants from photos, and the data collected is used to create a global database of plant diversity. Pl@ntNet is free to use and is available in over 20 languages.
Retorio
Retorio is a cutting-edge Behavioral Intelligence (BI) Platform that fuses machine learning with scientific findings from psychology and organizational research to ultimately take learning and development to a new level within organizations. At the core of Retorio’s capabilities are its AI-powered immersive video simulations. Through these engaging role-plays, learners using Retorio get to train and develop the necessary skills through realistic scenarios. Furthermore, the personalized, on-demand feedback learners receive allows for immediate behavior change and performance improvement. Retorio’s training platform transcends the limitation of scalability and redefines how individuals and teams train and develop, bringing talent development to a new dimension.
Siwalu
Siwalu is an AI-based image recognition tool that specializes in identifying animals. The website offers apps that provide specific information about the characteristics and traits of pets, helping pet owners determine the breed of their pets quickly and accurately. By using advanced AI technology, Siwalu aims to increase knowledge about global biodiversity by focusing on animal recognition for dogs, cats, and horses. The apps have garnered millions of downloads and are praised for their accuracy and user-friendly interface.
Signum.AI
Signum.AI is a sales intelligence platform that uses artificial intelligence (AI) to help businesses identify customers who are ready to buy. The platform tracks key customer behaviors, such as social media engagement, job changes, product launches, and keyword mentions, to identify the best time to reach out to them. Signum.AI also provides personalized recommendations on how to approach each customer, based on their individual needs and interests.
Dog Identifier
Dog Identifier is an AI-based application that helps users identify over 170+ dog breeds by simply providing an image or video of a dog. The app predicts the breed of the dog and provides detailed information about characteristics, temperament, and history of the breed. Users can also search for their ideal furry companion by answering a few lifestyle-related questions. Additionally, the app features a comprehensive database of dog breeds, daily fun facts, and a new Dog Mood Detection feature that analyzes a dog's facial expressions and body language to suggest their mood.
Spot a Bot
Spot a Bot is an AI tool that estimates the number of bot accounts on Twitter by analyzing Twitter trends. Due to recent changes in Twitter's API policy, the tool is unable to provide daily trend analyses at the moment. Users can check today's trends, look for past trends, and choose trends from the UK, USA, or Germany. The tool boasts a model accuracy of 11% and has analyzed a total of 3,871 accounts and 158,540 tweets. Spot a Bot aims to help users identify and understand the prevalence of bot accounts on Twitter.
NeuProScan
NeuProScan is an AI platform designed for the early detection of pre-clinical Alzheimer's from MRI scans. It utilizes AI technology to predict the likelihood of developing Alzheimer's years in advance, helping doctors improve diagnosis accuracy and optimize the use of costly PET scans. The platform is fully customizable, user-friendly, and can be run on devices or in the cloud. NeuProScan aims to provide patients and healthcare systems with valuable insights for better planning and decision-making.
Hire Hoc
Hire Hoc is an AI-powered hiring tool that helps businesses identify and interview only the top applicants. With features like AI shortlisting, one-way video interviews, and interview scheduling, Hire Hoc can help you streamline your hiring process and make better hiring decisions.
watchID
watchID is an AI-powered tool that allows users to identify any watch instantly by simply snapping a photo. It leverages the largest watch database to provide comprehensive information about the watch, including its story, reference number, and where to acquire it. watchID also offers a marketplace where users can browse and purchase watches from various sellers. Additionally, it fosters a community of watch enthusiasts where users can share discoveries, get insights, and connect with fellow enthusiasts.
Bichos ID de Fucesa
Bichos ID de Fucesa is an AI tool that allows users to explore and identify insects, arachnids, and other arthropods using artificial intelligence. Users can discover the most searched bugs, explore new discoveries made by the community, and view curated organisms. The platform aims to expand knowledge about the fascinating world of arthropods through AI-powered identification.
CvSorter
CvSorter is an AI-powered CV and resume screening tool that streamlines the hiring process by automating screening, improving accuracy, and saving time. It allows users to upload job descriptions and candidate CVs to identify top talent efficiently. With customizable criteria and detailed reporting, CvSorter enhances recruitment workflow by focusing on identifying the best candidates quickly and accurately.
20 - Open Source AI Tools
moonshot
Moonshot is a simple and modular tool developed by the AI Verify Foundation to evaluate Language Model Models (LLMs) and LLM applications. It brings Benchmarking and Red-Teaming together to assist AI developers, compliance teams, and AI system owners in assessing LLM performance. Moonshot can be accessed through various interfaces including User-friendly Web UI, Interactive Command Line Interface, and seamless integration into MLOps workflows via Library APIs or Web APIs. It offers features like benchmarking LLMs from popular model providers, running relevant tests, creating custom cookbooks and recipes, and automating Red Teaming to identify vulnerabilities in AI systems.
garak
Garak is a free tool that checks if a Large Language Model (LLM) can be made to fail in a way that is undesirable. It probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. Garak's a free tool. We love developing it and are always interested in adding functionality to support applications.
trickPrompt-engine
This repository contains a vulnerability mining engine based on GPT technology. The engine is designed to identify logic vulnerabilities in code by utilizing task-driven prompts. It does not require prior knowledge or fine-tuning and focuses on prompt design rather than model design. The tool is effective in real-world projects and should not be used for academic vulnerability testing. It supports scanning projects in various languages, with current support for Solidity. The engine is configured through prompts and environment settings, enabling users to scan for vulnerabilities in their codebase. Future updates aim to optimize code structure, add more language support, and enhance usability through command line mode. The tool has received a significant audit bounty of $50,000+ as of May 2024.
patchwork
PatchWork is an open-source framework designed for automating development tasks using large language models. It enables users to automate workflows such as PR reviews, bug fixing, security patching, and more through a self-hosted CLI agent and preferred LLMs. The framework consists of reusable atomic actions called Steps, customizable LLM prompts known as Prompt Templates, and LLM-assisted automations called Patchflows. Users can run Patchflows locally in their CLI/IDE or as part of CI/CD pipelines. PatchWork offers predefined patchflows like AutoFix, PRReview, GenerateREADME, DependencyUpgrade, and ResolveIssue, with the flexibility to create custom patchflows. Prompt templates are used to pass queries to LLMs and can be customized. Contributions to new patchflows, steps, and the core framework are encouraged, with chat assistants available to aid in the process. The roadmap includes expanding the patchflow library, introducing a debugger and validation module, supporting large-scale code embeddings, parallelization, fine-tuned models, and an open-source GUI. PatchWork is licensed under AGPL-3.0 terms, while custom patchflows and steps can be shared using the Apache-2.0 licensed patchwork template repository.
llms-interview-questions
This repository contains a comprehensive collection of 63 must-know Large Language Models (LLMs) interview questions. It covers topics such as the architecture of LLMs, transformer models, attention mechanisms, training processes, encoder-decoder frameworks, differences between LLMs and traditional statistical language models, handling context and long-term dependencies, transformers for parallelization, applications of LLMs, sentiment analysis, language translation, conversation AI, chatbots, and more. The readme provides detailed explanations, code examples, and insights into utilizing LLMs for various tasks.
invariant
Invariant Analyzer is an open-source scanner designed for LLM-based AI agents to find bugs, vulnerabilities, and security threats. It scans agent execution traces to identify issues like looping behavior, data leaks, prompt injections, and unsafe code execution. The tool offers a library of built-in checkers, an expressive policy language, data flow analysis, real-time monitoring, and extensible architecture for custom checkers. It helps developers debug AI agents, scan for security violations, and prevent security issues and data breaches during runtime. The analyzer leverages deep contextual understanding and a purpose-built rule matching engine for security policy enforcement.
Awesome-LLM4Cybersecurity
The repository 'Awesome-LLM4Cybersecurity' provides a comprehensive overview of the applications of Large Language Models (LLMs) in cybersecurity. It includes a systematic literature review covering topics such as constructing cybersecurity-oriented domain LLMs, potential applications of LLMs in cybersecurity, and research directions in the field. The repository analyzes various benchmarks, datasets, and applications of LLMs in cybersecurity tasks like threat intelligence, fuzzing, vulnerabilities detection, insecure code generation, program repair, anomaly detection, and LLM-assisted attacks.
mutahunter
Mutahunter is an open-source language-agnostic mutation testing tool maintained by CodeIntegrity. It leverages LLM models to inject context-aware faults into codebase, ensuring comprehensive testing. The tool aims to empower companies and developers to enhance test suites and improve software quality by verifying the effectiveness of test cases through creating mutants in the code and checking if the test cases can catch these changes. Mutahunter provides detailed reports on mutation coverage, killed mutants, and survived mutants, enabling users to identify potential weaknesses in their test suites.
AwesomeLLM4APR
Awesome LLM for APR is a repository dedicated to exploring the capabilities of Large Language Models (LLMs) in Automated Program Repair (APR). It provides a comprehensive collection of research papers, tools, and resources related to using LLMs for various scenarios such as repairing semantic bugs, security vulnerabilities, syntax errors, programming problems, static warnings, self-debugging, type errors, web UI tests, smart contracts, hardware bugs, performance bugs, API misuses, crash bugs, test case repairs, formal proofs, GitHub issues, code reviews, motion planners, human studies, and patch correctness assessments. The repository serves as a valuable reference for researchers and practitioners interested in leveraging LLMs for automated program repair.
LLM-PLSE-paper
LLM-PLSE-paper is a repository focused on the applications of Large Language Models (LLMs) in Programming Language and Software Engineering (PL/SE) domains. It covers a wide range of topics including bug detection, specification inference and verification, code generation, fuzzing and testing, code model and reasoning, code understanding, IDE technologies, prompting for reasoning tasks, and agent/tool usage and planning. The repository provides a comprehensive collection of research papers, benchmarks, empirical studies, and frameworks related to the capabilities of LLMs in various PL/SE tasks.
watchtower
AIShield Watchtower is a tool designed to fortify the security of AI/ML models and Jupyter notebooks by automating model and notebook discoveries, conducting vulnerability scans, and categorizing risks into 'low,' 'medium,' 'high,' and 'critical' levels. It supports scanning of public GitHub repositories, Hugging Face repositories, AWS S3 buckets, and local systems. The tool generates comprehensive reports, offers a user-friendly interface, and aligns with industry standards like OWASP, MITRE, and CWE. It aims to address the security blind spots surrounding Jupyter notebooks and AI models, providing organizations with a tailored approach to enhancing their security efforts.
Awesome-Code-LLM
Analyze the following text from a github repository (name and readme text at end) . Then, generate a JSON object with the following keys and provide the corresponding information for each key, in lowercase letters: 'description' (detailed description of the repo, must be less than 400 words,Ensure that no line breaks and quotation marks.),'for_jobs' (List 5 jobs suitable for this tool,in lowercase letters), 'ai_keywords' (keywords of the tool,user may use those keyword to find the tool,in lowercase letters), 'for_tasks' (list of 5 specific tasks user can use this tool to do,in lowercase letters), 'answer' (in english languages)
langroid
Langroid is a Python framework that makes it easy to build LLM-powered applications. It uses a multi-agent paradigm inspired by the Actor Framework, where you set up Agents, equip them with optional components (LLM, vector-store and tools/functions), assign them tasks, and have them collaboratively solve a problem by exchanging messages. Langroid is a fresh take on LLM app-development, where considerable thought has gone into simplifying the developer experience; it does not use Langchain.
Awesome-LLM-Survey
This repository, Awesome-LLM-Survey, serves as a comprehensive collection of surveys related to Large Language Models (LLM). It covers various aspects of LLM, including instruction tuning, human alignment, LLM agents, hallucination, multi-modal capabilities, and more. Researchers are encouraged to contribute by updating information on their papers to benefit the LLM survey community.
PromptChains
ChatGPT Queue Prompts is a collection of prompt chains designed to enhance interactions with large language models like ChatGPT. These prompt chains help build context for the AI before performing specific tasks, improving performance. Users can copy and paste prompt chains into the ChatGPT Queue extension to process prompts in sequence. The repository includes example prompt chains for tasks like conducting AI company research, building SEO optimized blog posts, creating courses, revising resumes, enriching leads for CRM, personal finance document creation, workout and nutrition plans, marketing plans, and more.
llm-course
The LLM course is divided into three parts: 1. 🧩 **LLM Fundamentals** covers essential knowledge about mathematics, Python, and neural networks. 2. 🧑🔬 **The LLM Scientist** focuses on building the best possible LLMs using the latest techniques. 3. 👷 **The LLM Engineer** focuses on creating LLM-based applications and deploying them. For an interactive version of this course, I created two **LLM assistants** that will answer questions and test your knowledge in a personalized way: * 🤗 **HuggingChat Assistant**: Free version using Mixtral-8x7B. * 🤖 **ChatGPT Assistant**: Requires a premium account. ## 📝 Notebooks A list of notebooks and articles related to large language models. ### Tools | Notebook | Description | Notebook | |----------|-------------|----------| | 🧐 LLM AutoEval | Automatically evaluate your LLMs using RunPod | ![Open In Colab](img/colab.svg) | | 🥱 LazyMergekit | Easily merge models using MergeKit in one click. | ![Open In Colab](img/colab.svg) | | 🦎 LazyAxolotl | Fine-tune models in the cloud using Axolotl in one click. | ![Open In Colab](img/colab.svg) | | ⚡ AutoQuant | Quantize LLMs in GGUF, GPTQ, EXL2, AWQ, and HQQ formats in one click. | ![Open In Colab](img/colab.svg) | | 🌳 Model Family Tree | Visualize the family tree of merged models. | ![Open In Colab](img/colab.svg) | | 🚀 ZeroSpace | Automatically create a Gradio chat interface using a free ZeroGPU. | ![Open In Colab](img/colab.svg) |
16 - OpenAI Gpts
Smart Contract Audit Assistant by Keybox.AI
Get your Ethereum and L2 EVMs smart contracts audited updated knowledge base of vulnerabilities and exploits. Updated: Nov 14th 23
GetPaths
This GPT takes in content related to an application, such as HTTP traffic, JavaScript files, source code, etc., and outputs lists of URLs that can be used for further testing.
AdversarialGPT
Adversarial AI expert aiding in AI red teaming, informed by cutting-edge industry research (early dev)
VulnGPT
Your ally in navigating the CVE deluge. Expert insights for prioritizing and remediating vulnerabilities.
Ethical Hacking GPT
Guide to ethical hacking, specializing in NMAP | For Educational Purposes Only | CSV Upload Suggested |