SWE-agent
by SWE-agent
SWE-agent autonomously uses language models to identify and fix GitHub issues, find cybersecurity vulnerabilities, and solve coding challenges with configurable automation.
SWE-agent takes a GitHub issue and tries to automatically fix it, using your LM of choice. It can also be employed for offensive cybersecurity or competitive coding challenges. [NeurIPS 2024]
Primary Use Case
This tool is primarily used by developers, security researchers, and red teamers to automate the detection and remediation of software issues and vulnerabilities in real GitHub repositories. It is also valuable for offensive cybersecurity tasks such as capture-the-flag challenges and competitive coding, leveraging language models to perform complex problem-solving autonomously.
- Autonomous issue fixing in GitHub repositories using customizable language models
- State-of-the-art performance on SWE-bench, an open-source software engineering benchmark
- Configurable via a single YAML file allowing flexible and generalizable workflows
- Supports multiple language models including GPT-4o and Claude Sonnet 4
- Specialized mode (EnIGMA) for offensive cybersecurity and CTF challenges
- Free-flowing agent design that maximizes language model agency
- Comprehensive documentation and easy browser-based usage via GitHub Codespaces
- Developed and maintained by Princeton and Stanford researchers
Installation
- Clone the repository from https://github.com/SWE-agent/SWE-agent
- Follow the source installation guide at https://swe-agent.com/latest/installation/source/
- Optionally, run SWE-agent directly in your browser using GitHub Codespaces via https://codespaces.new/SWE-agent/SWE-agent
- Configure the tool using the provided YAML configuration file
- Refer to the documentation for environment setup and dependencies
Usage
>_ swe-agent hello_worldRuns a basic example fixing an issue in a GitHub repository from the command line
>_ swe-agent batch_modeExecutes benchmarking tasks on SWE-bench for performance evaluation
>_ Use SWE-agent 0.7 for EnIGMA offensive cybersecurity modeRuns the EnIGMA mode specialized for solving cybersecurity capture-the-flag challenges
- Can be integrated with CI/CD pipelines to automate vulnerability detection and remediation in software development lifecycle.
- Effective for red teamers to autonomously discover and exploit vulnerabilities, accelerating offensive operations.
- Can be used to generate realistic attack scenarios for purple team exercises, improving collaboration between offense and defense.
- Potential to augment blue team threat hunting by automating identification of software flaws and suspicious code changes.
- Chaining SWE-agent with other exploitation frameworks (e.g., Metasploit) can create fully automated penetration testing workflows.
Docs Take 2 Hours. AI Takes 10 Seconds.
Ask anything about SWE-agent. Installation? Config? Troubleshooting? Get answers trained on real docs and GitHub issues—not generic ChatGPT fluff.
3 free chats per tool • Instant responses • No credit card
Related Tools
Awesome-Hacking
Hack-with-Github/Awesome-Hacking
A collection of various awesome lists for hackers, pentesters and security researchers
hackingtool
Z4nzu/hackingtool
ALL IN ONE Hacking Tool For Hackers
mitmproxy
mitmproxy/mitmproxy
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.
sqlmap
sqlmapproject/sqlmap
Automatic SQL injection and database takeover tool
metasploit-framework
rapid7/metasploit-framework
Metasploit Framework
h4cker
The-Art-of-Hacking/h4cker
This repository is maintained by Omar Santos (@santosomar) and includes thousands of resources related to ethical hacking, bug bounties, digital forensics and incident response (DFIR), AI security, vulnerability research, exploit development, reverse engineering, and more. 🔥 Also check: https://hackertraining.org