{"id":21321912,"url":"https://github.com/rakshit-vasava/hcl-software","last_synced_at":"2026-05-07T09:33:46.622Z","repository":{"id":257656131,"uuid":"858937211","full_name":"rakshit-vasava/HCL-Software","owner":"rakshit-vasava","description":"A project utilizing Large Language Models (LLMs) to detect software vulnerabilities and recommend contextual fixes.","archived":false,"fork":false,"pushed_at":"2024-09-28T23:05:07.000Z","size":2801,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-10-28T15:52:06.304Z","etag":null,"topics":["haystack","hugging-face","langchain","openai-api","owasp","python"],"latest_commit_sha":null,"homepage":"","language":"Jupyter Notebook","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/rakshit-vasava.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-09-17T19:40:25.000Z","updated_at":"2024-09-28T23:22:46.000Z","dependencies_parsed_at":null,"dependency_job_id":"02326b26-1a45-4190-a513-85b5938d047b","html_url":"https://github.com/rakshit-vasava/HCL-Software","commit_stats":null,"previous_names":["airborne3521/hcl-software"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/rakshit-vasava/HCL-Software","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rakshit-vasava%2FHCL-Software","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rakshit-vasava%2FHCL-Software/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rakshit-vasava%2FHCL-Software/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rakshit-vasava%2FHCL-Software/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/rakshit-vasava","download_url":"https://codeload.github.com/rakshit-vasava/HCL-Software/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/rakshit-vasava%2FHCL-Software/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32731511,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-05-07T02:14:30.463Z","status":"ssl_error","status_checked_at":"2026-05-07T02:14:29.405Z","response_time":62,"last_error":"SSL_connect returned=1 errno=0 peeraddr=140.82.121.6:443 state=error: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["haystack","hugging-face","langchain","openai-api","owasp","python"],"created_at":"2024-11-21T20:11:43.520Z","updated_at":"2026-05-07T09:33:46.605Z","avatar_url":"https://github.com/rakshit-vasava.png","language":"Jupyter Notebook","funding_links":[],"categories":[],"sub_categories":[],"readme":"# HCL-Software: Enhancing Software Security with LLMs\n\n## 🚀 Executive Summary\nThis was my capstone project with HCL Software. Our project focuses on using **Large Language Models (LLMs)** to provide recommendations (code lines or contextual information) for vulnerabilities, enhancing software security and efficiency.\n\nTraditional manual patching is time-consuming and error-prone. We introduce an accelerated approach using LLMs to provide accurate, context-specific recommendations, speeding up remediation while ensuring transparency through cited sources.\n\n## 🔑 Key Outcomes\n- Successfully built prototype models (QA, GPT-2, and ChatOpenAI).\n- Models provide remediation advice and recommendations for code fixes.\n- Our solution has commercial potential, reducing operational risks, enhancing security, and promoting safer digital environments.\n\n## 🛠 Methods and Tools\n\n### Datasets Used:\n- **OWASP Cheat Sheets** (integrated from the OWASP GitHub repository).\n\n### Analytical Models:\n1. **QA Model** (Haystack, InMemoryDocumentStore, BM25 algorithm).\n2. **GPT-2 Model** (Fine-tuned GPT-2, Hugging Face Transformers).\n3. **ChatOpenAI Model** (Langchain, RAG, OpenAI API).\n\n### Tools and Platforms:\n- **Python**, **Google Colab**, **Hugging Face**, **Haystack**, **OpenAI API**, **GitHub**, **Google Drive**, **Visual Studio Code**.\n\n## ⚙️ Results and Conclusions\nOur models successfully identified software vulnerabilities and provided actionable advice:\n- **QA Model**: Found vulnerability causes and offered patch suggestions.\n- **GPT-2 Model**: Improved extended responses using fine-tuned datasets.\n- **ChatOpenAI Model**: Delivered the \u003cins\u003emost comprehensive and contextually relevant recommendations.\u003c/ins\u003e\n\n## 🌍 Business \u0026 Social Impact\n- **Business**: Reduces the time and cost of securing software, increasing trust and reliability.\n- **Social**: Contributes to a safer digital environment, protecting users from sophisticated cyber threats.\n\n## 📄 Screenshots of Results\n\n### QA Model Output:\n- What is Cross Site Scripting?\n\u003cimg src=\"assets/QnA-Cross-Site-Scripting.png\" alt=\"QA Output\" width=\"500\"/\u003e\n\n### GPT-2 Model Output:\n- What is Cross Site Scripting?\n\u003cimg src=\"assets/GPT2-Cross-Site-Scripting.png\" alt=\"QA Output\" width=\"500\"/\u003e\n\n### ChatOpenAI Model Output:\n- What is Cross Site Scripting? And how to solve it?\n\u003cimg src=\"assets/Chat-Open-AI-Cross-Site-Scripting.png\" alt=\"QA Output\" width=\"500\"/\u003e\n\n- What is SQL Injection? And how to solve it?\n\u003cimg src=\"assets/Chat-Open-AI-SQL.png\" alt=\"QA Output\" width=\"500\"/\u003e\n\n## 📋 How to Reproduce Results\n\n### 1. QA Model\n- **Step 1**: Install Haystack, create a DocumentStore, Retriever, and Reader.\n- **Step 2**: Feed datasets ('causes', 'risks', and 'recommendations') into the model.\n- **Step 3**: Query the system using prompts like \"What is Cross-Site Scripting?\"\n\n### 2. GPT-2 Model\n- **Step 1**: Fine-tune GPT-2 with the combined dataset (HCL + OWASP).\n- **Step 2**: Set up a text generation pipeline using Hugging Face.\n- **Step 3**: Query the system using prompts like \"What is Cross-Site Scripting?\"\n\n### 3. ChatOpenAI Model\n- **Step 1**: Create a database using Chroma and Langchain's RAG.\n- **Step 2**: Query the model with prompts like \"What is SQL injection? And how do I solve it?\"\n\n## 🛠 Tools to Run the Project\n- Python, Hugging Face, Haystack, OpenAI API\n- Google Colab for processing\n\n## 🏗 Future Work\n- Integrate the model into a chat-bot within coding environments to offer instant remediation advice to developers.\n- Continuously train the model on new vulnerabilities.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frakshit-vasava%2Fhcl-software","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Frakshit-vasava%2Fhcl-software","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Frakshit-vasava%2Fhcl-software/lists"}