code-vuln-audit

A code security scanning tool with three core scanning capabilities:

  1. Dependency Vulnerability Scanning — Automatically detects known vulnerabilities in npm / pip dependencies
  2. Secret Leak Detection — Discovers hardcoded secrets, tokens, and passwords via regex matching + Shannon entropy analysis
  3. OWASP Pattern Detection — Identifies common security anti-patterns such as SQL injection, XSS, command injection, and insecure deserialization
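
The regex-plus-entropy approach named in item 2, shown as an added example (not code from code-vuln-audit). The patterns, the 3.5 bits-per-character threshold, and the names `KNOWN_FORMATS`, `ASSIGNMENT` and `scan_text` are assumptions chosen for illustration.

```python
import math
import re
from collections import Counter

# Assumed rule set and threshold for illustration; not taken from code-vuln-audit.
KNOWN_FORMATS = {
    "aws-access-key-id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private-key-header": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
}
# Generic name = "value" assignment where the name hints at a credential.
ASSIGNMENT = re.compile(
    r"""\b[\w.-]*(?:secret|token|passw(?:or)?d|api[_-]?key)[\w.-]*\s*[:=]\s*["']([^"']{8,})["']""",
    re.IGNORECASE,
)
ENTROPY_THRESHOLD = 3.5  # bits per character (assumed cut-off)


def shannon_entropy(s):
    """Shannon entropy of s in bits per character."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def scan_text(text):
    """Return (line_number, rule_name) findings for each suspicious line."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), start=1):
        for name, pattern in KNOWN_FORMATS.items():
            if pattern.search(line):
                findings.append((lineno, name))
        m = ASSIGNMENT.search(line)
        # The entropy gate drops placeholders such as "changeme" or "aaaa...".
        if m and shannon_entropy(m.group(1)) >= ENTROPY_THRESHOLD:
            findings.append((lineno, "high-entropy-assignment"))
    return findings


# Constructed sample input; the AKIA value is AWS's documentation example key ID.
SAMPLE = '''\
db_password = "changeme"
API_KEY = "q7Zr2LmX9vB4tKp0WcYh3NsD8fGa1JeU"
aws_id = AKIAIOSFODNN7EXAMPLE
token = "aaaaaaaaaaaaaaaa"
greeting = "hello world, this is not a secret"
'''

if __name__ == "__main__":
    print(scan_text(SAMPLE))
```

The fixed-format rules catch keys with a recognizable shape regardless of entropy, while the entropy gate keeps the generic assignment rule from firing on low-randomness placeholders.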

Quick Start

# Scan the current directory (all checks)
python3 scripts/security_scan.py .

# Scan dependencies only
python3 scripts/security_scan.py --mode deps .

# Detect secret leaks only
python3 scripts/security_scan.py --mode secrets /path/to/project
code-vuln-audit — zebbern/claude-code-guide