IIIT-Delhi Institutional Repository

Identification and patch generation of security vulnerabilities in web applications using LLMs and static analysis tools

dc.contributor.author Kaushik, Manit
dc.contributor.author Gupta, Pranav
dc.contributor.author Jalote, Pankaj (Advisor)
dc.contributor.author Kumar, Dhruv (Advisor)
dc.date.accessioned 2026-04-18T04:47:35Z
dc.date.available 2026-04-18T04:47:35Z
dc.date.issued 2024-11-27
dc.identifier.uri http://repository.iiitd.edu.in/xmlui/handle/123456789/1922
dc.description.abstract Web application vulnerabilities, such as Cross-Site Scripting (XSS) and Code Injections, pose significant security risks, often leading to data breaches and privacy issues. Traditional Static Application Security Testing (SAST) tools, while effective, are limited in their ability to understand code semantics and context, leading to potential missed vulnerabilities. This project investigates the integration of Large Language Models (LLMs) with SAST tools to enhance vulnerability detection in web applications, specifically in JavaScript and PHP environments. By appending SAST findings to LLM prompts, we explore whether this combined approach can provide more accurate and comprehensive security analysis. The research demonstrates that leveraging LLMs alongside existing static analysis tools can improve the detection of common vulnerabilities and streamline the security auditing process. en_US
dc.language.iso en_US en_US
dc.publisher IIIT-Delhi en_US
dc.subject Cybersecurity en_US
dc.subject Vulnerability en_US
dc.subject Detection en_US
dc.subject Static Analysis en_US
dc.subject Web Applications en_US
dc.subject Path Traversal en_US
dc.title Identification and patch generation of security vulnerabilities in web applications using LLMs and static analysis tools en_US
dc.type Other en_US

