@geekbb: Use Multi-Agent to automatically run the entire CVE mining process, from selecting projects, reviewing code, verifying vulnerabilities to generating ready-to-submit vulnerability reports. https://github.com/larlarua/AutoCVE…

X AI KOLs Timeline Tools

Summary

AutoCVE is an open-source tool that uses multi-agent collaboration to automatically complete the entire process from project screening, code audit, vulnerability verification to generating CVE reports, supporting one-click CVE vulnerability mining.

Use Multi-Agent to automatically run the entire CVE mining process, from selecting projects, reviewing code, verifying vulnerabilities to generating ready-to-submit vulnerability reports. https://t.co/NldjLQBLFv https://t.co/DhYf2SaWQZ
Original Article
View Cached Full Text

Cached at: 06/30/26, 07:38 AM

Simplified Chinese | English

Similar Articles

@AdamShao: Officially open-sourcing my vulnerability discovery tool: http://flounders.xyz This is an AI Agent-based fully automated vulnerability discovery workflow. You just tell the AI which project's vulnerabilities you want to find, and it will automatically download code and documentation, deeply audit the code, discover suspicious vulnerabilities, automatically verify them locally and online…

X AI KOLs Timeline

Flounder is an open-source AI agent-based tool that automates vulnerability discovery in codebases. Users describe the target and the tool autonomously downloads code, conducts deep code audits, tests vulnerabilities locally and online, and generates reports.

Unclecheng-li/VulnClaw

GitHub Trending (daily)

VulnClaw 是一个基于 LLM Agent 和 MCP 工具链的 AI 驱动渗透测试 CLI 工具,支持自然语言输入自动完成信息收集、漏洞发现、利用和报告生成全流程。

@vintcessun: Alibaba open-sourced a code review tool. The core idea is interesting — a hybrid architecture of deterministic engineering + Agent. Common issues with pure LLM review: incomplete coverage, line number drift, and unstable quality. It uses a deterministic pipeline for file selection, grouping, and rule matching, while the Agent is only responsible for dynamic decision-making and context...

X AI KOLs Timeline

Alibaba open-sourced Open Code Review, an AI code review CLI tool that adopts a hybrid architecture of deterministic engineering and Agent. It has been running internally for two years and has discovered millions of defects.

@XAMTO_AI: If you've used traditional manual penetration testing, you know!! Juggling multiple tools like Burp, Nmap, Metasploit, switching back and forth, spending hours on recon and exploit, writing PoCs by hand, writing reports until you question your life, false positives everywhere, while real vulnerabilities slip through... One developer couldn't take it anymore and open-sourced a...

X AI KOLs Timeline

Strix is an open-source AI penetration testing tool that uses autonomous AI agents to perform real vulnerability discovery and exploitation, generating working PoCs and compliance-ready reports. It supports multi-agent orchestration, CI/CD integration, and various LLMs, aiming to replace manual pentesting with AI-driven automation.

@servasyy_ai: If you're maintaining a project alone without a security team and always feel uneasy before launch, this is basically a gift for you. To be honest, I don't trust most of the so-called "AI security scanners" on the market. After scanning, they give you a screen full of warnings, 90% of which are false positives – pure waste of time. That was until I looked into strix, which topped the GitHub daily leaderboard these past two days. It's different. Strix…

X AI KOLs Timeline

Strix is an open-source AI penetration testing tool that dynamically runs applications in Docker sandboxes, uses the Caido proxy to intercept traffic, and leverages a Python sandbox to write practical Proof-of-Concept exploits to discover and verify vulnerabilities. It supports multi-agent collaboration, automatic patch generation, and CI/CD integration, making it more practical than traditional scanners with high false positive rates.