Scan any public repo
Free. No login. Results in about three minutes.
Recent scans
6 of last 100 · refreshed just now- github.com/dwzhu-pku/PaperBananaF29 findingsdone35m ago
- github.com/OWASP/railsgoatF204 findingsdone1d ago
- github.com/juice-shop/juice-shopF40 findingsdone1d ago
- github.com/OWASP/NodeGoatF184 findingsdone1d ago
- github.com/snyk-labs/nodejs-goofF430 findingsdone1d ago
- github.com/anxolerd/dvpwaF146 findingsdone1d ago
Threat intel · always live
Every scan enriches findings against the same intel feeds enterprise SOCs run. Updated continuously by socbox-intel-mirror.
- 1,592CISA KEVhourly
- 333,848FIRST EPSSdaily
- 668MITRE ATT&CKweekly
- 969MITRE CWEmonthly
- 482CAPECmonthly
The full security platform is on its way
The free scanner above is live today. Private-repository scanning, dashboards, and CI policy gates for teams are in active development.
Private-repo scanning
Connect GitHub, GitLab, Gitea & Codeberg and scan private repositories on every push.
Dashboards & findings
Triage, dedupe, and track findings across repos and images over time — not one-off reports.
Policy gates in CI
Fail a build or block a deploy when a scan crosses your severity, license, or secrets policy.
Scheduled & continuous scans
Re-scan on a cadence and on new CVE disclosures so regressions surface without a manual run.
SBOM & provenance
Generate and store SBOMs, sign artifacts, and keep an auditable provenance trail per image.
SSO, roles & audit
Team workspaces with SSO, role-based access, and audit-log streaming for compliance.