by b1temy 144 days ago
Even if it does have false positives, I expect it would make a nicer starting point for finding and verifying bugs/vulnerabilities, compared to wading through the entire codebase until you find something. Even if it is a false positive, it would probably be due to sketchy-looking code (hopefully, unless it hallucinated completely new code) that you can take a look at, and maybe spot something else that the AI didn't catch.

Besides the HN submission, XBOW and Hacktron AI have found plenty of vulnerabilities in code.