Curated directory of 1700+ AI tools, models, frameworks, MCP servers, and cybersecurity resources

Copyright © 2026 All Rights Reserved.
CodeScan

A lightweight code auditing scanner for red teams to quickly match Sink points in code during assessments.


Introduction

CodeScan is a lightweight auditing tool specifically designed for quickly matching Sink points in code. It is particularly useful during red team assessments where rapid identification of vulnerabilities is critical.

Key Features:
  • Lightweight: Minimal resource usage allowing for quick scans.
  • Sink Point Matching: Matches sink points in code and dependencies, including most incomplete code.
  • Static Analysis: Conducts static analysis based on JAR files by default, allowing for accurate vulnerability assessments.
  • Multi-language Support: Currently supports PHP and Java (JSP), enhancing versatility in code audits.
  • Customizable: Users can customize blacklists and whitelists to refine scanning criteria and results.
  • Detailed Reporting: Generates results that can be easily transformed from TXT to Excel for easier reporting.
Benefits:
  • Efficient: Reduces time spent on code audits by automating the identification of vulnerabilities.
  • User-Friendly: Simple command line usage with various options for thorough scans.
  • Community Support: Open-source nature allows for contributions and improvements from the developer community.
Highlights:
  • Enables red teams to perform quick and effective code state assessments.
  • Provides a structured approach to identifying and mitigating potential risks in code.
  • Regular updates and community engagement ensure ongoing improvements and features.

Information

  • Publisher: AISecKit
  • Website: github.com
  • Published date: 2025/04/28

Categories

  • DevSecOps Tools
  • Penetration Testing
  • Vulnerability Scanners

Tags

  • Application Security
  • Security Auditing
  • Open Source
  • Incident Response
  • Vulnerability Scanning
  • Penetration Testing

More Products

Phantom

A browser extension for SRC vulnerability mining, collecting sensitive information and suspicious clues from web pages.

Categories: DevSecOps Tools, Penetration Testing, Vulnerability Scanners
Tags: Security Auditing, Open Source, Incident Response, Vulnerability Scanning, API Security, +1

Exploiting AI

An introductory class on understanding AI security risks and mitigation strategies.

Categories: Penetration Testing, Security Training Platforms, AI Security Monitoring
Tags: Prompt Injection, Generative AI, Red Team Testing, Data Poisoning

Folly

Open-source LLM Prompt-Injection and Jailbreaking Playground for testing LLM security vulnerabilities.

Categories: Input Validation & Filtering, Penetration Testing, AI Security Monitoring
Tags: Prompt Injection, Open Source, API Security, Security Testing, LLM Security, +1