AI-Powered Vulnerability Intelligence

From CVE Discovery
to Production Patch

AVIP autonomously researches vulnerabilities from trusted sources, validates URLs, generates OS-specific scripts, and produces deployment-ready playbooks.

4 AI Agents
3-Tier Trust
Multi-LLM
Real-time Logs

Get Started GitHub

4Autonomous Agents

3-TierSource Reliability

v2.0Fixed Report Schema

run_idIsolated Workspaces

Why AVIP?

The gap between CVE discovery and production remediation is broken

The Problem

Manual CVE research is slow. Teams spend hours cross-referencing NVD, vendor sites, and blogs. No source verification means blog posts are treated equally to official advisories. Scripts are OS-specific with no automation. No observability when things go wrong.

The Solution

4 autonomous agents handle the full pipeline in seconds. 3-tier source reliability — only official vendors, government CERTs, and reputed firms. Every URL scored 0-100 with trust proof. Full observability via WebSocket event stream.

Pipeline

Four agents collaborate from CVE to deployment-ready remediation

Research

NVD + URL trust scoring

.json.pdf

Ingestion

OS-specific scripts

.jsonscripts

Remediation

Plans + rollback

.jsonscripts

Playbook

Final combined report

.json.pdf

Inputs

Provide what you know

CVE ID

CVE-2024-4577

Product

Notepad++, Apache

OS

Windows, Linux, macOS

Arch

x64, arm64, x86

Path

/opt/app/bin

Hints

Any context

Source Reliability

Only verified sources are trusted. Blogs and forums are excluded.

Tier 1 — Highest

Official Vendors

NVD, Microsoft, Red Hat, Apache, Google, Apple

Score: +100 · 30+ domains

Tier 2 — High

Government CERTs

US-CERT, MITRE, NCSC UK, FIRST, GitHub Advisories

Score: +70 · 17 domains

Tier 3 — Medium

Security Research

Tenable, Rapid7, CrowdStrike, Cloudflare

Score: +40 · 26 domains

Excluded

Blogs & Forums

Medium, Dev.to, Reddit, StackOverflow

Score: -50 · Flagged

Architecture

Agent-only API with internal tools

User Input

→

Research

→

Ingestion

Playbook

←

Remediation

WebSocket Event Bus

Live Monitoring

Every agent step and tool call visible in real-time

Event StreamLIVE

12:00:01[research] started — CVE-2024-4577

12:00:02[nvd_query] → search: "CVE-2024-4577"

12:00:03[web_scraper] → validate 15 URLs

12:00:05[file_manager] done — saved research.json + PDF

12:00:07[ingestion] — generating 3 scripts

12:00:09[remediation] — priority=high, risk=high

12:00:11[playbook] — compiling final report

12:00:12[pipeline] complete — 4 agents, 8 tool calls

Quick Start

One-Click Setup

CloneDownload from GitHub

RunDouble-click run.bat

Openhttp://localhost:5173

TerminalRun

git clone https://github.com/Purushothaman-natarajan/Exploit2Patch.git
cd Exploit2Patch
run.bat

Resources

GitHub Architecture Developer Guide Profile

From CVE Discoveryto Production Patch

Why AVIP?

The Problem

The Solution

Pipeline

Research

Ingestion

Remediation

Playbook

Inputs

CVE ID

Product

OS

Arch

Path

Hints

Source Reliability

Official Vendors

Government CERTs

Security Research

Blogs & Forums

Architecture

Live Monitoring

Quick Start

One-Click Setup

Resources

From CVE Discovery
to Production Patch