{"id":19119087,"url":"https://github.com/zeusssz/ninja","last_synced_at":"2025-07-03T22:34:22.442Z","repository":{"id":257131046,"uuid":"857329907","full_name":"zeusssz/ninja","owner":"zeusssz","description":"A high-performance vulnerability detection tool written in C++.","archived":false,"fork":false,"pushed_at":"2024-09-16T11:49:10.000Z","size":212,"stargazers_count":1,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-02-22T12:29:35.344Z","etag":null,"topics":["cpp","vulnerability-detection","vulnerability-scanners"],"latest_commit_sha":null,"homepage":"","language":"C++","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/zeusssz.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2024-09-14T11:16:45.000Z","updated_at":"2024-10-16T05:30:28.000Z","dependencies_parsed_at":"2025-01-03T07:43:10.846Z","dependency_job_id":"ae146ae1-8af0-4be9-947c-f3438caabfa1","html_url":"https://github.com/zeusssz/ninja","commit_stats":null,"previous_names":["zeusssz/ninja"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/zeusssz/ninja","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zeusssz%2Fninja","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zeusssz%2Fninja/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zeusssz%2Fninja/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zeusssz%2Fninja/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/zeusssz","download_url":"https://codeload.github.com/zeusssz/ninja/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/zeusssz%2Fninja/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":263415758,"owners_count":23463104,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cpp","vulnerability-detection","vulnerability-scanners"],"created_at":"2024-11-09T05:08:28.676Z","updated_at":"2025-07-03T22:34:22.414Z","avatar_url":"https://github.com/zeusssz.png","language":"C++","funding_links":[],"categories":[],"sub_categories":[],"readme":"### ![image](https://github.com/user-attachments/assets/c3945f79-b331-4914-85b5-0d434af3a00d) \n# Ninja\n\nNinja is a high-performance vulnerability detection tool written in C++. It integrates with the Z3 Theorem Prover for symbolic execution and cURL for fetching vulnerability data from APIs like the National Vulnerability Database (NVD).\n\n---\n\n### Features\n\n- **Static Analysis**:\n  - Detects memory leaks, buffer overflows, SQL injection, XSS, and CSRF vulnerabilities.\n  \n- **Dynamic Analysis**:\n  - Monitors for runtime errors and resource leaks.\n\n- **API Integration**:\n  - Fetches real-time vulnerability data from trusted sources like NVD.\n\n---\n\n### Table of Contents\n\n1. [Installation](#installation)\n2. [Usage](#usage)\n3. [Configuration](#configuration)\n4. [API Integration](#api-integration)\n5. [Development](#development)\n6. [Licensing](#license)\n\n---\n\n### Installation\n\nBefore using Ninja, you need to install several dependencies. Follow these steps to set up your environment.\n\n#### Dependencies\n\n1. **Z3 Theorem Prover**\n   - **Installation**:\n     ```bash\n     sudo apt-get install z3\n     ```\n   - Alternatively, you can [download and install Z3 from GitHub](https://github.com/Z3Prover/z3).\n\n\u003e[!NOTE]  \n\u003eMake sure Z3 is properly installed and accessible in your system's `PATH`.\n\n2. **cURL Library**\n   - **Installation**:\n     ```bash\n     sudo apt-get install libcurl4-openssl-dev\n     ```\n\n3. **JSON for Modern C++ (nlohmann/json)**\n   - **Installation**:\n     Add this to your `CMakeLists.txt`:\n     ```cmake\n     include(FetchContent)\n     FetchContent_Declare(\n       json\n       GIT_REPOSITORY https://github.com/nlohmann/json.git\n       GIT_TAG v3.9.1\n     )\n     FetchContent_MakeAvailable(json)\n     target_link_libraries(Ninja PRIVATE nlohmann_json::nlohmann_json)\n     ```\n\n4. **CMake**\n   - **Installation**:\n     ```bash\n     sudo apt-get install cmake\n     ```\n\n#### Full Setup\n\n1. Clone the repository:\n   ```bash\n   git clone https://github.com/zeusssz/Ninja.git\n   cd Ninja\n   ```\n\n2. Build the project:\n   ```bash\n   mkdir build\n   cd build\n   cmake ..\n   make\n   ```\n\n\u003e [!WARNING]  \n\u003e Ensure that Z3 and cURL are correctly installed and configured. Missing dependencies will result in build failure.\n\n---\n\n### Usage\n\nOnce Ninja is installed, you can run the application by executing the following command in the build directory:\n\n```bash\n./Ninja\n```\n\nYou can specify options like file paths or APIs for vulnerability detection:\n\n```bash\n./Ninja --file \u003csource-code-path\u003e --api \u003cnvd-api-url\u003e\n```\n\n\u003e [!INFORMATION]  \n\u003e By default, Ninja performs static analysis. You can extend it to dynamic analysis by using the `--dynamic` flag.\n\n---\n\n### Configuration\n\nTo configure Ninja for different vulnerability databases, update the configuration file at `config.json`.\n\n#### Example Configuration:\n\n```json\n{\n  \"api_url\": \"https://services.nvd.nist.gov/rest/json/cves/1.0\",\n  \"api_key\": \"your_api_key_here\"\n}\n```\n\n\u003e [!NOTE]  \n\u003e Make sure to keep your API keys secure and avoid committing them to public repositories.\n\n---\n\n### API Integration\n\nNinja fetches real-time vulnerability data using the **cURL** library. By default, it integrates with the National Vulnerability Database (NVD).\n\n#### NVD Integration\n\n1. Ensure you have an NVD API key.\n2. Update the `main.cpp` file with your API URL and key.\n3. Run Ninja to fetch and analyze the latest vulnerabilities.\n\n\u003e [!WARNING]  \n\u003e Excessive API requests might result in rate limiting. Use caching mechanisms or avoid frequent calls in production environments.\n\n---\n\n### Development\n\nFeel free to contribute to Ninja. Before submitting a pull request, ensure that:\n\n- Your code follows the project’s coding standards.\n- The project builds and runs correctly with no errors.\n- You write tests for any new functionality.\n\n---\n\n### License\n\nNinja is licensed under the MIT License. See the [LICENSE](LICENSE) file for more details.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzeusssz%2Fninja","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fzeusssz%2Fninja","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fzeusssz%2Fninja/lists"}