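DeepAudit: an AI hacker team for everyone, putting vulnerability discovery within reach. The first open-source multi-agent system for code vulnerability discovery in China. One-click deployment for beginners, with autonomous collaborative auditing plus automated sandbox PoC verification. Supports private deployment with Ollama and one-click report generation. Supports API relay services. Making security no longer expensive and auditing no longer complex.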
Updated Mar 14, 2026 - Python
Source Code Security Audit
An AI-powered GitHub code review tool that uses LLMs to detect high-confidence, high-impact issues—such as security vulnerabilities, bugs, and maintainability concerns.
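sdlc_python is a DevSecOps platform built in Python, intended to promote DevSecOps and secure development lifecycle (SDLC) practices. It raises developers' security awareness by simulating common vulnerabilities (corresponding to developer security training in the SDLC) and uses large language models for code security auditing (corresponding to the code audit stage of the SDLC), helping organizations shift security left. Besides DevSecOps practice, sdlc_python can also be used for learning about vulnerabilities, penetration testing, and code auditing. The project uses a decoupled front-end/back-end design: the back end uses the lightweight Flask framework, and the front end uses Vue 3.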
🐛 A plug-in of sublime 2/3 which is able to find PHP vulnerabilities
Codeaudit - Modern Python source code security analyzer based on distrust.
As the name suggests, a database of code....
intelligent auditing tool powered by large language models, supporting GPT, . It automatically detects security vulnerabilities, performance issues
AI-powered codebase audit tool that scans for dependency vulnerabilities, deprecated API usage & generates comprehensive security reports. Uses MCP connectors for intelligent analysis with automated audit workflows.
📸 Capture and analyze with AI in real-time. Perfect for quick assistance during online tests and interviews, featuring robust screenshot protection.
🛡️ Analyze source code to find and verify 55+ security vulnerabilities across 9 languages using a dual-track white-box audit model.
Enterprise-grade CLI security auditing engine. 10 detection engines, mathematical SPI scoring (WSPM v2.2), HTML + JSON reports. Try free — 3 runs, no signup.
🩺 AI-powered repository health analysis tool. Automated code quality checks, bloat detection, onboarding guides, and security audits using GitHub Copilot CLI. Zero configuration required.
Security scanner for AI-generated (vibe-coded) code. Catches the vulnerabilities that Cursor, Bolt, Lovable, and Replit Agent generate but never warn you about.
AI-assisted static analysis engine for legacy .NET/C# codebases — produces architecture findings, complexity scores, and modernization roadmaps
Professional AI-driven code documentation & quality audit agent. Scans projects, identifies bugs, and persists reports locally via MCP.
Minimalist AI agent that extracts information from files using surgical grep/ls operations to minimize token usage. Built with Datapizza + Google Gemini.
A security scanner designed to detect invisible Unicode vulnerabilities, BiDi overrides, and homoglyph attacks in source code to prevent Trojan Source exploits.
Tiny local coding CLI