Buttercup (CRS)
Like
Buttercup is a Cyber Reasoning System (CRS) developed by Trail of Bits for the DARPA AIxCC (AI Cyber Challenge). Buttercup finds and patches software vulnerabilities in open-source code repositories like example-libpng.
Cost / License
- Free
- Open Source
Platforms
- Linux
- Mac
- Homebrew
- Self-Hosted
- Python
Buttercup (CRS)
Like
Features
Properties
- Security-focused
Features
- Python-based
- AI-Powered
Tags
- Cybersecurity
- fix-vulnerabilities
- cyber-reasoning-system
- crs
Buttercup (CRS) News & Activities
Highlights All activities
Recent activities
- POX added Buttercup (CRS)
Buttercup (CRS) information
Developed by
TRAIL OF BITS INC Licensing
Open Source (AGPL-3.0) and Free product.Written in
Alternatives
0 alternatives listedSupported Languages
- English
AlternativeTo Category
Security & PrivacyGitHub repository
- 1,414 Stars
- 153 Forks
- 57 Open Issues
- Updated
No comments or reviews, maybe you want to be first?
Post comment/reviewWhat is Buttercup (CRS)?
Buttercup is a Cyber Reasoning System (CRS) developed by Trail of Bits for the DARPA AIxCC (AI Cyber Challenge). Buttercup finds and patches software vulnerabilities in open-source code repositories like example-libpng. It starts by running an AI/ML-assisted fuzzing campaign (built on oss-fuzz) for the program. When vulnerabilities are found, Buttercup analyzes them and uses a multi-agent AI-driven patcher to repair the vulnerability. Buttercup system consists of several components:
- Orchestrator: Coordinates the overall task process and manages the workflow
- Seed Generator: Creates inputs for vulnerability discovery
- Fuzzer: Discovers vulnerabilities through intelligent fuzzing techniques
- Program Model: Analyzes code structure and semantics for better understanding
- Patcher: Generates and applies security patches to fix vulnerabilities