RYCLIC

We use LLMs to detect reference miscounting vulnerabilities that most SAST tools miss. Our technology understands code semantics to prevent critical flaws, strengthening software reliability at scale.

Comment

Inspiration

We wanted to push the limits of how LLMs are used for cybersecurity. Many tools already exist that attempt to leverage LLMs to find vulnerabilities, but almost all of them try to find all types of bug classes. We decided to focus on one specific type of bug class that is prevelant in many complex codebases, such as the Linux kernel.

What it does

Our tool finds reference counting vulnerabilities in C/C++ programs.

How we built it

We used Google Gemini 2.5 Pro as our model, and LangGraph to build our agents.

Challenges we ran into

The codebases that we're testing on are large and very complex. This means that the AI has to find vulnerabilities like a needle in a haystack. We use modern techniques to make it easier for the AI to read and understand what the code is doing.

Accomplishments that we're proud of

What we learned

What's next for RYCLIC

Built With

Share this project:

Updates