# security-scanning
36 tools tagged
Showing 24 of 36 tools
Magika
AI-powered file-type detection at Google scale
Open-source AI-powered file-type detection tool from Google that uses a custom deep-learning model under a few megabytes to identify more than 200 binary and textual content types in milliseconds, even on a single CPU. Magika ships as a CLI, Python package, JavaScript/TypeScript library, and an ONNX model, achieves around 99% accuracy on its test set, and is already used at Google scale across Gmail, Drive, and Safe Browsing as well as by VirusTotal and abuse.ch.
Fig Security
Security operations resilience for SOC teams
Fig provides a Security Operations Resilience platform designed for modern SOC teams facing both unplanned and planned changes. Features drift detection to catch unplanned infrastructure changes, automated drift repair with testing, planned change modeling to simulate initiatives before deployment, version control, and automatic deployment with rollbacks. Helps teams maintain security coverage while shipping risk-free at 10x speed and focusing on strategic cyber work.
Sherlock
Hunt down social media accounts by username across 400+ platforms
Sherlock is a Python CLI tool that searches for a given username across 400+ social networks and websites simultaneously. It is widely used in OSINT investigations, security audits, red teaming exercises, and digital footprint analysis. Sherlock is included in Kali Linux and Parrot Security distributions and has over 76,000 GitHub stars, making it one of the most popular open-source security tools.
Zerobox
Sandbox any command with file, network, and credential controls
Zerobox is a security-focused command sandboxing tool that isolates command execution with fine-grained controls over file system access, network connectivity, and credential exposure. It wraps any shell command in a secure container that enforces policy restrictions, preventing unauthorized file reads, network calls, or environment variable leaks during execution.
prodlint
Static linter that catches production bugs in AI-generated code
prodlint is a zero-config static analysis tool with 52 rules targeting production bugs that AI coding tools consistently produce. It catches hallucinated npm imports, missing authentication checks, Prisma writes outside transactions, exposed secrets via NEXT_PUBLIC prefixes, and other patterns specific to code generated by Cursor, Claude Code, Bolt, and v0. Runs in one second via npx with no configuration needed.
osv-scanner
Google's vulnerability scanner using the OSV database
OSV-Scanner is Google's official open-source vulnerability scanner that checks your project's dependencies against the OSV.dev database — the largest open vulnerability database covering all major ecosystems. Written in Go, it supports lockfiles from npm, pip, Maven, Cargo, Go modules, and more, providing actionable remediation guidance and CI/CD integration for automated security scanning.
MCP-Scan
Security scanner for MCP servers against tool poisoning attacks
MCP-Scan is a security tool that scans MCP servers for vulnerabilities including tool poisoning, prompt injection, cross-origin escalation, and rug pull attacks. Acquired by Snyk in 2026, it is the first dedicated security scanner for the MCP ecosystem. It analyzes tool descriptions, permissions, and behavior patterns to detect malicious or compromised MCP servers before they can exploit AI agents.
Trunk
AI-powered CI reliability and flaky test management
Trunk is a developer tools platform that tackles CI reliability through AI-powered flaky test detection, automatic quarantine, and merge queue management. It uses ML-based statistical analysis to identify flaky tests, isolates them to prevent pipeline blocks, and creates GitHub issues for resolution. Used by Zillow, Brex, and Faire, with $28.5M in funding and support for all major test frameworks.
Falco
Cloud native runtime security for Kubernetes
Falco is a CNCF graduated open-source runtime security tool that detects unexpected behavior and threats across containers, Kubernetes, and cloud workloads in real time. Originally created by Sysdig, Falco monitors Linux kernel syscalls using eBPF and applies customizable detection rules to alert on malicious activity like container escapes, cryptojacking, unauthorized file access, and anomalous network connections. It supports 50+ alert output channels including SIEM integration.
Taskflow Agent
AI framework for distributed vulnerability research
Taskflow Agent is an open-source MIT-licensed AI framework by GitHub Security Lab that automates vulnerability discovery through a three-stage pipeline: threat modeling, issue suggestion, and audit validation. It has discovered 91 confirmed vulnerabilities in major open-source projects including Outline and WooCommerce, using distributed community-powered security research coordinated by AI agents.
ZeroPath
AI-native SAST with automated PR security reviews
ZeroPath is an AI-native SAST and AppSec platform recognized as an RSAC 2026 finalist that provides automated pull request security reviews with contextual feedback and natural-language fix suggestions. It catches secrets, IaC misconfigurations, and logic flaws in code changes, competing directly with established code review tools but with a security-first AI-native architecture.
RefortifAI
DRM and IP protection for AI model weights
RefortifAI is a Y Combinator P2026 batch company that provides DRM and intellectual property protection for AI models by obfuscating model weights so they only run inside a hardened runtime. It solves the critical problem of model weight protection for companies distributing custom LLMs to untrusted environments, preventing IP theft while maintaining inference performance.
Amplify Security
AI security triage for small engineering teams
Amplify Security is an AI-native security tool designed for small-to-mid engineering teams that automates the triage of security alerts and integrates directly into GitHub and GitLab workflows. It specifically addresses alert fatigue by using AI to prioritize high-risk findings over low-severity noise, offering a free tier for small teams that makes developer-first security accessible without enterprise budgets.
Fluid Attacks
Continuous security scanning with AI and human expertise
Fluid Attacks integrates continuous vulnerability scanning into the SDLC by combining AI automation with human security expertise to verify critical flaws. The hybrid approach ensures that automated findings are validated by security researchers before reaching developers, reducing false positive noise while maintaining coverage across SAST, DAST, SCA, and infrastructure-as-code security scanning.
ZeroThreat
AI-automated pentesting with zero false positives
ZeroThreat is an automated penetration testing platform that uses AI to conduct comprehensive security audits, claiming to identify 500+ vulnerability types with zero false positives. It automates the traditionally expensive and manual red-teaming process, providing continuous security assessment for web applications with detailed remediation guidance and compliance-ready reporting.
ps-fuzz
Prompt fuzzing tool for LLM security testing
ps-fuzz by Prompt Security is a security testing tool with 680+ GitHub stars that fuzzes system prompts against dynamic LLM-based attack scenarios including jailbreaks, prompt injection, and data extraction attempts. It helps developers harden their GenAI applications by simulating adversarial attacks in a controlled environment, turning LLM security into a testable and reproducible quality gate.
ModelScan
Security scanner for AI model files
ModelScan by Protect AI is an open-source tool that scans machine learning model files for malicious or unsafe code before they are loaded into production. Supporting formats like Pickle, HDF5, and SavedModel, it detects hidden code execution, deserialization attacks, and supply chain threats in the AI/ML model artifact pipeline, integrating into CI/CD as a critical security gate.
DefectDojo
Open-source vulnerability management aggregator
DefectDojo is an open-source vulnerability management platform with 4.7K+ GitHub stars that aggregates findings from 200+ security tools into a single view for ranking, triaging, and tracking remediation. It serves as the operating system for security teams by normalizing data from SAST, DAST, container scanners, and dependency checkers into a unified workflow with deduplication and metrics.
TruffleHog
Secret scanning across Git history and cloud storage
TruffleHog by Truffle Security scans for high-entropy strings and secrets across GitHub history, S3 buckets, and other data stores with 26.7K+ GitHub stars. It goes beyond simple pattern matching by verifying whether discovered credentials are actually active and valid, significantly reducing false positives and helping teams prioritize remediation of truly exposed secrets.
Gitleaks
Open-source secret detection for Git repositories
Gitleaks is an open-source secret scanner with 27K+ GitHub stars that detects hardcoded passwords, API keys, tokens, and private keys in Git repositories, files, directories, and full Git history. It integrates via GitHub Actions, pre-commit hooks, CI/CD pipelines, and single-binary local scans.
CodeThreat
AI-powered SAST for PR-time security analysis
CodeThreat provides pull request-time security analysis covering SAST, dependency vulnerability checks, and infrastructure-as-code risk review. Highly rated for its seamless GitHub integration, it catches security issues introduced by both human and AI-generated code before they reach production, with particular strength in identifying vulnerabilities from rapid vibe coding workflows.
Corgea
AI-native AppSec that finds and fixes vulnerabilities
Corgea is an AI-native application security platform that uses LLMs to scan, triage, and automatically fix security vulnerabilities in code. Unlike traditional SAST tools that only detect issues, Corgea focuses on the remediation phase by generating context-aware fixes for vulnerabilities, significantly reducing the time engineering teams spend on security backlog while providing contextual PR reviews and IDE integrations.
CodeAnt AI
All-in-one AI code review, security, and quality
CodeAnt AI combines AI code review, SAST, secret detection, IaC security, policy enforcement, compliance dashboards, and agentic pentesting in one platform for engineering teams that want code quality and security checks before production.
Corridor
AI-native security for coding agents
Corridor is an AI-native security platform that intercepts vulnerabilities at the code generation layer, providing real-time guardrails and automated PR security reviews for teams using AI coding agents like Cursor, Claude Code, and GitHub Copilot. Founded by former CISA Secure by Design lead Jack Cable and backed by $25M Series A from Felicis at a $200M valuation, Corridor embeds proactive security context into developer workflows via MCP server integration.