
https://pwnscan.com

A binary static analysis tool that identifies vulnerabilities.

Right now, still just focused on buffer overflows. It can find some known CVEs and I’ve made several reliability improvements over the past month or so.

I think I’m going to expand to additional vulnerability types soon.



Very cool! Where can I read up on how something like this works?


You’re the second person who has asked me this; I think I need to start a blog or something.

So I don’t want to give too much away about how it works because I think I might try to offer a paid version where the results are private.

But at a high level it combines an LLM, program analysis, and heuristics.



