Open Source Vulnerability Scanner

VibeSec scans public and private GitHub repositories using AI and Semgrep to detect vulnerabilities, insecure patterns, and exposed secrets, producing prioritized, actionable security reports for PR reviews, CI pipelines, and developer triage.

ZeroThreat provides a cutting-edge DAST web app & API security scanner featuring secret, GraphQL scanning, and intelligent threat detection. It integrates smoothly with CI/CD pipelines for fast vulnerability assessment and robust proactive cybersecurity.

Beagle Security automates web, API, and GraphQL penetration testing using AI trained on 350k workflows. It runs in CI/CD, reports to Jira/Azure/Slack, cuts manual effort, reduces false positives, and gives clear remediation guidance.

WebTotem delivers an AI‑driven firewall that blocks brute‑force, DoS, SQLi, XSS, bot, spam, path traversal, and emerging threats, with custom IP whitelisting. It scans for malware, defacement, open ports, tracks SSL and domain expiry, scores vulnerabilities, and provides dashboards for collaboration

Quick Intel scans smart contract addresses across 54+ chains, delivering AI‑driven analysis in seconds. It flags hidden code, identifies scam patterns, and shows warning labels while recording key attributes for risk assessment.

Qwiet AI unifies SAST, SCA, IaC, container, and secrets scanning into one scan, filtering for reachable, exploitable risks. It delivers 97 % true positives, cuts false positives 90%, and auto‑generates unit‑tested fixes, cutting remediation time 80 %.

AI agents scan 300,000+ sources—including dark‑web forums and new domains—to deliver real‑time OSINT alerts with context on threat actors, intent, and campaigns. Customizable workflows target phishing, insider risk, or credential leaks, enabling rapid response and fraud reduction.

Fluxguard automatically crawls complex sites, monitors HTML, PDF, and visual changes, and evaluates them against user rules. It delivers real‑time alerts via APIs or webhooks, summarizes results, and reduces manual review and risk‑monitoring workload.

CodeThreat applies AI to security analysis within development pipelines, automatically scanning pull requests and codebases to pinpoint real vulnerabilities. It filters out weak findings, provides repo‑level architectural summaries, and integrates with GitHub, GitLab, Bitbucket, and CI/CD across 27

Pixeebot automates application security by triaging SAST/IAST findings, generating ready-to-review code fixes and pull requests, integrating with CI/CD and developer tooling, centralizing triage and metrics, and supporting multiple languages with private/self-hosted models.

Jazzberry is an AI-driven bug detection tool that analyzes code repositories in a secure environment, identifying vulnerabilities like SQL injection and authentication bypasses. It prioritizes data security with enterprise-grade measures and provides efficient, categorized bug identification.

CensysGPT automates query construction for the Censys search engine, converting Shodan, ZoomEye, BinaryEdge, and legacy syntax into real‑time host reconnaissance queries. It streamlines threat‑hunting by quickly generating actionable host insights on services, ports, and metadata.

Corgea is an AI tool that expedites vulnerability detection and repair in codes for security teams. It boosts productivity by simplifying fixes on popular repositories and enables developers to concentrate on high-value work.

threatbee.com is a cybersecurity platform that delivers AI-powered attack surface discovery, vulnerability assessment, and real-time threat detection. It consolidates protection for networks, cloud, and IoT with a central portal for monitoring and compliance management.

KushoAI automates API contract tests from OpenAPI or Postman, continuously monitors contract drift, and updates suites. It runs real‑time security scans, covers API, database, and UI layers, and self‑heals tests as code evolves, providing release risk scores for ship decisions.

ScamMinder evaluates URLs in real‑time, assigning safety scores and risk indicators for phishing, fraud, and malware. Users upload message screenshots for AI analysis, while the platform aggregates community reviews, threat stats, and a site database to verify authenticity.

Depshub is a dependency management tool that automates updates, license checks, and vulnerability scans. It provides a centralized view of dependencies, integrates with platforms like GitHub, and offers AI analysis to streamline development workflows and enhance code security.

Answer Overflow is an open-source AI search engine for Discord, simplifying content discovery across various servers. Easily find valuable information in different communities to enhance your Discord experience efficiently.

Binarly is a firmware security tool that automates binary analysis to identify and manage vulnerabilities in software and firmware, offering proactive risk detection, prescriptive fixes, and continuous compliance reporting for enhanced supply chain security.

IDScan.net offers an AI‑driven identity verification platform that scans passports, driver’s licenses, and mobile IDs using UV/IR imaging and deep‑fake detection. It supports real‑time data capture, KYC/AML compliance, and APIs for integration across banking, retail, and logistics.

Copyleaks delivers AI text and image detection, plagiarism checking, grammar correction, and text moderation in 30+ languages. It integrates via API, LMS, browser extensions, and Google Docs, supports major LLMs, and ensures secure, compliant workflows for education and enterprise.

Hackfast is an AI-driven tool that streamlines penetration testing by organizing scan data, automating reconnaissance, and providing contextual vulnerability insights, tailored attack paths, and project management features for efficient security assessments.

LabEx delivers free, interactive labs for Linux, DevOps, and cybersecurity, organized into skill‑tree pathways. AI assistant Labby aids debugging, while online terminals and real‑world projects cover Docker, Kubernetes, Python, Java, Ansible, and more.

Jobscan analyzes resumes, cover letters, and LinkedIn profiles against job descriptions to deliver a compatibility score, then offers edits that improve ATS parsing and increase interview chances. Additionally, it tracks applications and recommends suitable roles based on profile data.

SecureGPT is a free platform for security testing OpenAI ChatGPT plugins.

Codiga is a static code analysis platform that detects real‑time violations and security issues across multiple languages. It offers OWASP, MITRE, and SANS‑CWE rule libraries, a custom rule editor, IDE integration, automated PR reviews, auto‑fix, and a metrics dashboard.

RoostGPT auto‑generates unit and API tests for Java, Go, and other languages, using LLMs to uncover edge cases and achieve full coverage in one pass. It also performs static vulnerability scanning and integrates into CI pipelines.

Jam is an AI-powered debugging assistant that streamlines the debugging process through automated source code analysis and code fix suggestions while ensuring privacy and security. It integrates with a Chrome extension for bug reporting workflow.

diib automatically scans websites for keyword rankings, backlink health, and technical metrics such as speed, security, and Core Web Vitals. It delivers a daily health score, competitor alerts, social media insights, and actionable on‑page SEO recommendations, with custom growth dashboards.

Open Knowledge Maps is an AI search engine that visualizes scientific literature across disciplines, clustering related papers to reveal topic connections and trends. It supports varied document types, offers high‑quality metadata, multilingual browsing, and open‑source integration.

The Algorithm Rank Validator is an AI tool designed for Twitter developers to evaluate tweet rankings and optimize their strategy based on data-driven insights into how tweets are ranked.

Equixly is an AI‑driven continuous offensive security platform that maps and attacks an organization’s attack surface in real time. It automatically discovers APIs, executes adaptive attack paths, validates exploits, and delivers continuous visibility, alerts, and audit‑ready remediation tracking.

HoundDog.ai scans code to detect PII leaks and map data flows across logs, APIs, SDKs, and AI integrations. It auto‑creates GDPR‑aligned documents, blocks risky pull requests in IDEs and CI/CD, and supplies an API context engine for safer AI coding.

Crypto Arbitrage Bot identifies price discrepancies across over 40 exchanges, enabling users to execute profitable trades. It features real-time alerts, wallet analysis, and AI-driven insights, catering to both novice and experienced cryptocurrency traders.

Open‑source AI code‑review platform that plugs into GitHub, GitLab, Bitbucket, and Azure DevOps at the pull‑request level. Model‑agnostic, it runs custom rule sets, tracks technical debt, and delivers real‑time metrics without storing source code.

OpenCode.ai is an open-source AI coding agent that runs directly in your terminal, IDE, or desktop. It connects to 75+ LLM providers, supports offline use, and enables multi-session collaboration for code review and debugging.

PlagiarismSearch.com compares submitted text to a vast database of web pages, journals, and printed sources, highlighting matches and providing similarity reports, AI‑content detection, readability checks, spell‑check, and API integration for real‑time academic integrity.

Qodex is an automated API testing platform that streamlines test creation and execution, offering features like automated test generation, uptime monitoring, and real-time failure alerts, facilitating efficient testing in CI/CD workflows for developers and QA teams.

Open Apps is an open-source app directory that offers a curated selection of free alternatives to popular software tools, enabling users to find quality open-source solutions across various categories for development and productivity needs.

accessiBe automates WCAG 2.2 AA compliance by scanning sites and applying fixes for screen readers and keyboard navigation. It offers audits, user testing, custom code, CMS widgets, and documentation for ADA and other legal standards.

OSS Chat delivers a single chat interface that connects users to open‑source project resources—docs, issue trackers, papers, and community Q&A. It uses ChatGPT and a vector database to provide quick, privacy‑compliant access to up‑to‑date knowledge across diverse tech domains.

CodeRabbit automates pull‑request reviews with AI, detecting bugs instantly and suggesting fixes. It integrates with Git, IDEs, and CLI, delivers diff summaries, diagrams, and a chat interface, all while preserving privacy with encryption and zero‑data retention.

Browser extension that analyzes news, tweets, and posts for bias, tone, and framing. Provides concise summaries, a trust score, political leanings, rhetoric breakdowns, and links to reputable references in real time.

Originality.ai evaluates text for AI generation, plagiarism, factual accuracy, readability, grammar, and SEO. The Chrome extension and web app enable on‑page checks, bulk scanning, PDF uploads, and API integration for writers and editors.

Ellipsis.dev automatically reviews every GitHub commit and pull request, detecting bugs, anti‑patterns, and style issues. It generates summaries, async fixes, and test‑ready changes, and offers weekly change logs in a SOC 2‑compliant VPC environment.

Parasiteseo.com is an AI-driven platform for optimizing SEO via parasite sites. It offers keyword analysis, competition insights, and auto-generated content briefs, alongside bulk lookups from a database of over 6,000 sites, streamlining SEO campaign management.

Hexowatch monitors visual, content, HTML, and code changes on any URL, alerts on keyword, tech stack, and script updates, and tracks availability, WHOIS, sitemaps, API responses, and backlinks. It archives snapshots for compliance and quick market response.

Unspam Email Spam Checker analyzes outgoing mail for deliverability by scoring spam triggers, validating SPF/DKIM/DMARC/BIMI, checking blacklist status, broken links, short URLs, and DNS reputation to improve inbox placement for email success.

NoPlagio checks uploaded documents against 80 million academic articles and live web sources, supporting 129 languages. It gives similarity scores, color‑coded plagiarism types (citation, paraphrase, improper reference), source links, and protects privacy by never storing files.

Semantic Scholar indexes 230 million papers, offering AI‑powered semantic search that prioritizes relevance and citation impact. It provides contextual PDF annotations, a developer API, and export options for literature reviews, grant research, and teaching.