A C++ vulnerability scanner that leverages machine learning models to automatically detect software vulnerabilities in source code.
This tool is designed for security researchers and developers to automate the detection of vulnerabilities in C++ source code using AI-driven models. It helps improve vulnerability management by identifying potential security flaws that manual reviews might miss, thereby enhancing software security and reducing risk.
GPU support via CUDA is recommended for faster model training but not mandatory. Pretrained models are provided to save time and avoid training from scratch. Users should ensure dataset files are correctly formatted using the provided Jupyter notebook before training or inference. The tool currently focuses on C++ vulnerabilities and specific CWE classes.
Install Python 3.7+
Install TensorFlow 2.0.0+
Install Pandas 1.2.3
Install Jupyter Notebook 6.2.0
Install the CUDA Toolkit version that matches your TensorFlow version (optional, for GPU support)
Run pip3 install --no-cache-dir -r web-app/requirements.txt to install dependencies
Clone the repository: git clone https://github.com/Jiawen-Zhang/Vulnerability_Scanner
Download dataset from https://osf.io/d45bw/ and place files into Vulnerability_Scanner/dataset
Use data_formatting.ipynb to convert dataset for model consumption
Place pretrained models inside web-app/trained_model directory
pip3 install --no-cache-dir -r web-app/requirements.txt
Install all required Python dependencies for the web application.
git clone https://github.com/Jiawen-Zhang/Vulnerability_Scanner
Clone the Vulnerability_Scanner repository locally.
flask run --host=0.0.0.0 --port=5000
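Start the Flask web application to interact with the vulnerability scanner. With --host=0.0.0.0 the server listens on all network interfaces on port 5000, so it is reachable from other hosts on the network, not only from localhost.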
export FLASK_APP=run.py (Unix/Mac) or set FLASK_APP=run.py (Windows)
Set the environment variable to specify the Flask application entry point.