vulnhuntr

We have hosted the application vulnhuntr in order to run this application in our online workstations with Wine or directly.

Quick description about vulnhuntr:

Vulnhuntr is an open source security tool that uses large language models to analyze codebases and identify remotely exploitable vulnerabilities. It focuses on Python projects and applies static code analysis combined with LLM reasoning to trace how user input flows through an application. Instead of scanning entire repositories at once, it builds call chains step by step, allowing deeper inspection of complex, multi-stage issues that traditional tools may miss. Vulnhuntr can generate detailed findings, including vulnerability explanations and potential exploit paths, helping developers and security teams understand risks faster. It supports multiple LLM providers such as OpenAI, Anthropic, and Ollama, and can be run via CLI, Docker, or pipx. Vulnhuntr is particularly useful for early-stage security reviews, bug bounty hunting, and auditing dependencies for hidden risks across open source projects.

Features:

• LLM-powered static code analysis for vulnerability detection
• Traces full input-to-output call chains across codebases
• Identifies complex and multi-step security issues traditional tools miss
• Supports multiple LLM providers like OpenAI, Claude, and Ollama
• Generates detailed findings with explanations and exploit insights
• CLI, Docker, and pipx support for flexible deployment

Programming Language: Python.
Categories: