DeepAudit：人人拥有的 AI 黑客战队，让漏洞挖掘触手可及。国内首个开源的代码漏洞挖掘多智能体系统。小白一键部署运行，自主协作审计 + 自动化沙箱 PoC 验证。支持 Ollama 私有部署 ，一键生成报告。支持中转站。​让安全不再昂贵，让审计不再复杂。

Source Code Security Audit (源代码安全审计)

An AI-powered GitHub code review tool that uses LLMs to detect high-confidence, high-impact issues—such as security vulnerabilities, bugs, and maintainability concerns.

sdlc_python 是一个基于python语言构建的devsecops平台，旨在促进 DevSecOps 和安全开发生命周期 (SDLC) 实践。它通过模拟常见漏洞来增强开发人员的安全意识(对应sdlc中对开发人员的安全培训)，并且使用了大模型进行代码安全审计（对应sdlc中代码审计阶段），帮助企业进行安全左移。除了用于 DevSecOps 实践外，sdlc_python 还可以用于学习漏洞知识、渗透测试和代码审计。本项目采用了前后端分离的设计模式，其中后端利用了轻量级框架 Flask，而前端则使用了 Vue 3。

🐛 A plug-in of sublime 2/3 which is able to find PHP vulnerabilities

Codeaudit - Modern Python source code security analyzer based on distrust.

Agent Skill: Architecture-level cross-stack source code asset scanner. Know what you have before you refactor. | 架构级跨技术栈源码资产扫描工具

AI-powered whitebox penetration testing plugin for Claude Code. 9 languages, 22 skills, 7 autonomous agents. STRIDE threat modeling, OWASP 2025 coverage, polyglot monorepo support.

顾名思义，一个代码的数据库....

🛡️ Analyze source code to find and verify 55+ security vulnerabilities across 9 languages using a dual-track white-box audit model.

📸 Capture and analyze with AI in real-time. Perfect for quick assistance during online tests and interviews, featuring robust screenshot protection.

AI-powered codebase audit tool that scans for dependency vulnerabilities, deprecated API usage & generates comprehensive security reports. Uses MCP connectors for intelligent analysis with automated audit workflows.

Read-only Claude Code plugin that audits a codebase for clean-code drift — long files/functions, complexity, magic literals, DRY — and produces a prioritized markdown report. Project-agnostic, config-driven.

Auditoría técnica para proyectos de larga duración y arquitecturas multitecnología. Detecta archivos muertos, mapea dependencias y genera un score de salud estructural — sin tocar tu código.

One-command shakedown. Find what breaks before you ship - architecture, security, performance, resilience, docs. Claude Code skill.

Opus-led Claude Code agent team — strategist plans, Sonnet runners read and fix. Live two-way review-and-fix pipeline. Zero API calls.

Security scanner for AI-generated (vibe-coded) code. Catches the vulnerabilities that Cursor, Bolt, Lovable, and Replit Agent generate but never warn you about.

🔍 Find leaked secrets in your codebase - API keys, tokens, passwords & private keys

AI-assisted static analysis engine for legacy .NET/C# codebases — produces architecture findings, complexity scores, and modernization roadmaps