Callisto  by JetP1ane

Binary vulnerability analysis tool for zero-day discovery

created 2 years ago
366 stars

Project Summary

Callisto is an automated binary vulnerability analysis tool designed to assist researchers in binary analysis and zero-day vulnerability discovery. It decompiles binaries, analyzes the resulting pseudocode with Semgrep and GPT-3.5-Turbo to detect vulnerabilities, and outputs the findings; the combined analysis is intended to reduce false positives.

How It Works

Callisto runs Ghidra's headless decompiler to generate pseudocode from a given binary, then scans that pseudocode with Semgrep using custom C rules. When AI analysis is enabled, GPT-3.5-Turbo validates and potentially augments the Semgrep findings, giving a dual-validation approach intended to improve the accuracy and depth of vulnerability identification.
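
The hand-off between the two stages can be sketched as follows. This is an added example, not Callisto's code: it maps findings from Semgrep's JSON output (the `results[].check_id` and `start.line` fields) back to the decompiled function that contains them, so a second review stage can be limited to flagged functions. The pseudocode, the rule ids and the helper names `function_spans` and `flagged_functions` are constructed for illustration.

```python
import json, re
# Constructed Ghidra-style pseudocode and Semgrep --json output (rule ids are made up).
PSEUDOCODE = """void FUN_00401000(char *param_1)
{
  char local_48 [64];
  strcpy(local_48,param_1);
}
int FUN_00401050(int param_1)
{
  return param_1 + 1;
}
void FUN_00401080(char *param_1)
{
  if (*param_1 != 0) {
    system(param_1);
  }
}
"""
SEMGREP_JSON = json.dumps({"results": [
    {"check_id": "example.strcpy-use", "path": "out.c", "start": {"line": 4}},
    {"check_id": "example.system-call", "path": "out.c", "start": {"line": 13}},
]})

def function_spans(pseudocode):
    """Map each top-level function name to its (first_line, last_line), 1-indexed."""
    spans, depth, name, start = {}, 0, None, 0
    for no, line in enumerate(pseudocode.splitlines(), 1):
        if depth == 0 and name is None:
            m = re.search(r"(\w+)\s*\(", line)  # signature line: name before "("
            if m:
                name, start = m.group(1), no
        depth += line.count("{") - line.count("}")  # naive: ignores braces in literals
        if name and depth == 0 and "}" in line:
            spans[name] = (start, no)
            name = None
    return spans

def flagged_functions(pseudocode, semgrep_json):
    """Group Semgrep rule ids by the decompiled function that contains each finding."""
    spans = function_spans(pseudocode)
    flagged = {}
    for r in json.loads(semgrep_json)["results"]:
        line = r["start"]["line"]
        owner = next((f for f, (a, b) in spans.items() if a <= line <= b), None)
        flagged.setdefault(owner, []).append(r["check_id"])  # None: outside any function
    return flagged

if __name__ == "__main__":
    print(flagged_functions(PSEUDOCODE, SEMGREP_JSON))
```

Real Semgrep results carry more fields than the constructed sample (for example `end` and `extra`); only the ones used here are included.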

Quick Start & Requirements

  • Install: pip install -r requirements.txt
  • Prerequisites: Ghidra, Semgrep, OpenAI API token (for GPT-3.5-Turbo feature, configured in config.txt), correct Ghidra path set in config.txt.
  • Run: python callisto.py -b <path_to_binary> [-ai] [-o <path_to_output_file>] [-all]
    • -ai: Enables GPT-3.5-Turbo analysis.
    • -o: Specifies an output file.
    • -all: Runs all functions through AI analysis (requires -ai).
  • Documentation: https://github.com/JetP1ane/Callisto

Highlighted Details

  • Utilizes Ghidra for headless decompilation.
  • Employs Semgrep for initial SAST analysis.
  • Integrates GPT-3.5-Turbo for secondary validation and enhanced discovery.
  • Aims to reduce false positives through a dual-validation pipeline.

Maintenance & Community

The project acknowledges Marco Ivaldi (@0xdea) for his contributions to Semgrep rules and research methodology. Further community or maintenance details are not specified in the README.

Licensing & Compatibility

The README does not explicitly state a license. Compatibility for commercial use or closed-source linking is not detailed.

Limitations & Caveats

The AI features require an OpenAI API key, and enabling them means decompiled pseudocode is sent to the OpenAI API. The effectiveness of vulnerability detection depends on the quality of Ghidra's decompilation and on the capabilities of Semgrep and GPT-3.5-Turbo. The tool is not guaranteed to catch all vulnerabilities.

Health Check

  • Last commit: 2 years ago
  • Responsiveness: 1 day
  • Pull requests (30d): 0
  • Issues (30d): 0
  • Star history: 4 stars in the last 90 days
