Vision Graph Vulnerability Detector
AI-powered real-time vulnerability detection for C, C++, and Java using Graph Neural Networks. Detect security flaws as you code!
🛡️ Features
Real-time Vulnerability Detection
- Buffer Overflow: Detects unsafe functions like
strcpy, sprintf, gets
- SQL Injection: Identifies dynamic query construction vulnerabilities
- Command Injection: Spots dangerous
system() calls
- Hardcoded Credentials: Finds embedded passwords and secrets
- Format String Vulnerabilities: Catches unsafe
printf usage
VS Code Integration
- ✅ Real-time Analysis: Scans code as you type with 1-second debounce
- ✅ Native Diagnostics: Red underlines with hover tooltips
- ✅ Rich UI: Beautiful results panel with detailed explanations
- ✅ Command Palette: Easy access to analysis commands
- ✅ Status Bar: Shows analysis progress and issue count
- ✅ Multi-language: Supports C, C++, and Java
🚀 Quick Start
- Install Extension: Search "Vision Graph" in VS Code Extensions
- Install Python Dependencies:
pip install flask flask-cors numpy scipy networkx
- Open Supported File: Any
.c, .cpp, .h, .hpp, or .java file
- See Results: Vulnerabilities appear as red underlines
📋 Commands
| Command |
Description |
Vision Graph: Analyze Current File |
Analyze the active file |
Vision Graph: Analyze Workspace |
Scan all supported files |
Vision Graph: Show Results Panel |
View detailed results |
Vision Graph: Clear Results |
Clear all diagnostics |
Installation
Prerequisites
- Python 3.8 or higher
- pip package manager
Install Dependencies
- Navigate to the
vision_graph_backend directory:
cd vision_graph_backend
pip install -r requirements.txt
Install Extension
- Open VS Code
- Go to Extensions (Ctrl+Shift+X)
- Install "Vision Graph Vulnerability Detector"
- Or install from VSIX:
code --install-extension vision-graph-extension-0.0.1.vsix
Usage
Commands
- Vision Graph: Analyze Current File - Analyze the currently open file
- Vision Graph: Analyze Workspace - Analyze all C/C++/Java files in workspace
- Vision Graph: Show Results Panel - Show detailed analysis results
- Vision Graph: Clear Results - Clear all diagnostics
Real-time Analysis
The extension automatically analyzes supported files when you:
- Type code (with 1-second debounce)
- Save files
- Open supported files
Configuration
Access settings via Ctrl+, and search for "Vision Graph":
{
"visionGraph.pythonPath": "python3",
"visionGraph.backendPort": 5001,
"visionGraph.enableRealTime": true,
"visionGraph.severityLevel": "medium"
}
Development
Building the Extension
cd vision-graph-extension
npm install
npm run compile
Running in Development
- Open the
vision-graph-extension folder in VS Code
- Press F5 to launch Extension Development Host
- The extension will be loaded in a new VS Code window
Packaging
npm install -g @vscode/vsce
vsce package
Architecture
┌─────────────────┐ HTTP/REST ┌──────────────────┐
│ VS Code │ ───────────────▶ │ Python Flask │
│ Extension │ │ Backend Server │
│ (TypeScript) │ ◀─────────────── │ (Port 5001) │
└─────────────────┘ └──────────────────┘
│ │
▼ ▼
┌─────────────────┐ ┌──────────────────┐
│ VS Code │ │ Graph Neural │
│ Diagnostics & │ │ Network Analysis │
│ UI Components │ │ (Simulated) │
└─────────────────┘ └──────────────────┘
Contributing
- Fork the repository
- Create a feature branch
- Make changes
- Add tests
- Submit a pull request
License
MIT License - see LICENSE file for details.
Support
For issues and feature requests, please visit our GitHub repository.
