Skip to content
/ LLMgrep Public

LLMGrep combines the precision of Semgrep's static analysis with the power of Large Language Models to deliver comprehensive security scanning, interactive vulnerability discussions, and intelligent rule generation capabilities.

www.linkedin.com/in/muhammad-abdullah-ai-ml-developer/

License

MIT license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

codebytemirza/LLMgrep

BranchesTags

Repository files navigation

LLMGrep Security Analysis Tool

LLMGrep

Advanced Security Analysis Powered by Large Language Models and Semgrep

Stars Forks Issues License

LLMGrep Demo

Intelligent Security Analysis

LLMGrep combines the precision of Semgrep's static analysis with the power of Large Language Models to deliver comprehensive security scanning, interactive vulnerability discussions, and intelligent rule generation capabilities.

Static Analysis LLM Intelligence Custom Rules
Semgrep-powered code scanning with pattern matching AI-driven vulnerability assessment Automated security rule generation

Core Features

Analysis Engine

  • Dual-engine security scanning
  • Pattern-based vulnerability detection
  • Machine learning insights
  • Real-time code analysis
  • Comprehensive security reports

Intelligence Layer

  • Context-aware security chat
  • Vulnerability explanation
  • Code improvement suggestions
  • Security best practices
  • Custom rule generation

Quick Start

# Clone repository
git clone https://github.com/codebytemirza/LLMgrep.git

# Install dependencies
pip install -r requirements.txt

# Configure environment
cp .env.example .env

# Launch application
streamlit run app.py
Docker Deployment 
docker build -t llmgrep .
docker run -p 8501:8501 --env-file .env llmgrep

Architecture

Component Technology Purpose
Static Analysis Semgrep Pattern matching & vulnerability detection
AI Engine Groq LLM Intelligent code analysis
Interface Streamlit Interactive web application

Security Analysis Workflow

  1. Code Input

    • Direct code entry
    • File upload support
    • Multi-file analysis

  2. Analysis Process

    • Semgrep pattern scanning
    • LLM-based code review
    • Vulnerability assessment

  3. Results & Insights

    • Detailed findings report
    • Security recommendations
    • Interactive consultation

Advanced Configuration

Parameter Description Default
Model LLM model selection deepseek-r1
Temperature Response variation 0.1
Rules Custom Semgrep rules Optional
Metrics Performance tracking Disabled

Development

# Setup development environment
python -m venv .venv
source .venv/bin/activate

# Install development dependencies
pip install -r requirements-dev.txt

Contributing

We welcome contributions to LLMGrep. Please review our Contributing Guidelines before submitting pull requests.

Contribution Process

  1. Fork repository
  2. Create feature branch
  3. Implement changes
  4. Submit pull request

Code Standards

  • PEP 8 compliance
  • Comprehensive testing
  • Documentation updates
  • Clean commit history

License

LLMGrep is released under the MIT License. See the LICENSE file for details.

Technology Stack

Semgrep Groq Streamlit

Built with precision by @codebytemirza

About

LLMGrep combines the precision of Semgrep's static analysis with the power of Large Language Models to deliver comprehensive security scanning, interactive vulnerability discussions, and intelligent rule generation capabilities.

www.linkedin.com/in/muhammad-abdullah-ai-ml-developer/

Topics

python docker static-code-analysis static-analysis code-analysis security-automation security-tools security-analysis vulnerability-scanner security-scanning groq code-security streamlit semgrep ai-powered llm llm-applications

Resources

Readme

License

MIT license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages