
Hamy
Introducing Zerodayf, A dynamic, AI-driven code analysis vulnerability scanner

Zerodayf is an advanced code analysis platform that leverages artificial intelligence to identify vulnerabilities within source code.

Zerodayf follows the same approach I have been using for CVE hunting and automates it with AI.

Core Workflow

  1. Setup & Integration: Configure Zerodayf’s proxy to intercept web traffic.
  2. Code Access: Grant read-level access to the source code repository.
  3. Route Navigation: Browse through endpoints like /admin/dashboard, /posts/delete/1, or /login?redirect=/dashboard to generate traffic.
  4. Code Mapping: Zerodayf links accessed routes to backend components, including server-side code and template files.
  5. API Analysis: Detects and maps client-side API calls (e.g., fetch('/api/user'), Ajax.post('/api/delete-post')) to backend handlers.
  6. AI Vulnerability Scan: Sends the mapped code to an AI model for security analysis.
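To make steps 3 to 5 concrete, here is an added example (not Zerodayf's own code) of the route-to-handler mapping idea: captured proxy request lines and `fetch()`/`Ajax.*()` calls found in a template are matched against Flask-style route declarations, and anything that maps to no handler is surfaced as a gap. The source, template and request lines are constructed samples; the regexes assume Flask `@app.route` decorators and ignore the HTTP method.

```python
import re

# Constructed sample: Flask-style route declarations as they might sit in app.py.
SAMPLE_SOURCE = '''
@app.route("/admin/dashboard")
def admin_dashboard(): ...
@app.route("/posts/delete/<int:post_id>", methods=["POST"])
def delete_post(post_id): ...
@app.route("/login")
def login(): ...
@app.route("/api/user")
def api_user(): ...
'''
# Constructed sample: template/JS fragment with client-side API calls.
SAMPLE_TEMPLATE = '''
fetch('/api/user').then(r => r.json());
Ajax.post('/api/delete-post', {id: 1});
'''
# Constructed sample: request lines as an intercepting proxy would record them.
CAPTURED_REQUESTS = ["GET /admin/dashboard", "POST /posts/delete/1",
                     "GET /login?redirect=/dashboard", "GET /unknown/path"]

ROUTE_RE = re.compile(r'@app\.route\(\s*"([^"]+)"[^)]*\)\s*def\s+(\w+)\(')
API_CALL_RE = re.compile(r"""(?:fetch|Ajax\.\w+)\(\s*['"]([^'"]+)['"]""")

def parse_routes(source: str) -> list:
    """Turn route decorators into (compiled regex, handler name) pairs."""
    routes = []
    for pattern, handler in ROUTE_RE.findall(source):
        regex = re.sub(r"<int:\w+>", r"\\d+", pattern)   # <int:x> -> digits
        regex = re.sub(r"<\w+>", r"[^/]+", regex)        # <x> -> one path segment
        routes.append((re.compile(f"^{regex}$"), handler))
    return routes

def map_path(path: str, routes: list):
    """Return the handler whose route matches the path (query string ignored)."""
    path = path.split("?", 1)[0]
    return next((h for rx, h in routes if rx.match(path)), None)

def build_route_map(source: str, template: str, requests: list) -> dict:
    """Link proxied requests and client-side API calls to backend handlers.
    A None value marks a request or API call with no handler found in the source."""
    routes = parse_routes(source)
    mapping = {}
    for req in requests:                      # "METHOD /path?query"
        mapping[req] = map_path(req.split(" ", 1)[1], routes)
    for api_path in API_CALL_RE.findall(template):
        mapping[f"client->{api_path}"] = map_path(api_path, routes)
    return mapping
```

The None entries are the useful output for a reviewer: a browsed path with no handler in the repository, or a client-side call such as `/api/delete-post` whose backend is not in the code granted in step 2, means that code would never reach the AI scan.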

🔗 GitHub Repository: https://github.com/0xHamy/zerodayf
