Software vulnerabilities are one of the critical issues in the current software development; these vulnerabilities can pose a serious risk of exploitation and result in system compromise, information leaks, and even further financial loss. Unfortunately, testing and manual code reviews cannot always find every vulnerability. To solve the problem we are using an efficient ML-driven approach to solve this ever growing cybersecurity issue.

1. Python 3: Python 3.7+
2. Tensorflow 2: Tensorflow 2.0.0+
3. Pandas: Pandas 1.2.3
4. Jupyter Notebook Notebook 6.2.0
5. CUDA Toolkit The version matches your Tensorflow version. The code works fine without GPU support, but GPU support is highly recommanded.

1. Check the version of the dependencies on your machine, or install the dependencies by runing:

$ pip3 install --no-cache-dir -r web-app/requirements.txt

2. Clone the project

$ git clone https://github.com/Jiawen-Zhang/Vulnerability_Scanner

3. Download the dataset here; put the files into Vulnerability_Scanner/dataset

4. Use the data_formatting.ipynb to convert the dataset to the format that can be used by our models.

5. To start a taining process, go to Vulnerability_Scanner/model. The Simple_CNN_binary.ipynb is a binary classifier; you can use this model to detect if the source code contains a vulnerability in our monitored classes.

6. To avoid training the model by yourself and save your time, I have uploaded my trained model here; you can download and use them directly.

$ cd web-app/

$ pip3 install --no-cache-dir -r requirements.txt

Simple_CNN_CWE119                
Simple_CNN_CWE120                    
Simple_CNN_CWE469  
Simple_CNN_CWE476                
Simple_CNN_binary

$ # Set the FLASK_APP environment variable
$ (Unix/Mac) export FLASK_APP=run.py
$ (Windows) set FLASK_APP=run.py
$ (Powershell) $env:FLASK_APP = ".\run.py"

Once you have ensured the above steps are done , run

$ flask run --host=0.0.0.0 --port=5000

http://localhost:5000/login