A compliance and security scanner that detects secrets, tokens, and insecure code patterns in GitHub repositories, files, or directories. Includes a web application with PDF reporting and a CLI tool for local use.
Features
- Scan GitHub repositories, local files, or directories
- Detect common secrets (AWS keys, GitHub tokens, Slack tokens, etc.)
- Identify debug statements and weak patterns
- Severity breakdown with risk score
- Export a neatly formatted PDF report
- Web app (Flask + Gunicorn) and CLI modes