Show HN: Isitsecure – 1-command SAST and DAST and LLM security scanner for web apps
As vibe coding has started to become more mainstream, so has the realization that typical AI-generated code is insecure by default.
What started as a free security scan tool for vibe coded apps turned into an open source project for a much deeper Static Application Security Test (SAST) + Dynamic Application Security Testing (DAST) scan + a SAST defined DAST plan - basically the SAST scan finds a possible route to attack and passes it off to the DAST scanners to try and exploit.
The goal is to give folks a tool to keep building with AI but without compromising on security when it comes to their customers' data.
Feedback is always welcomed; I'd especially love to hear about:
- any false positives
- any vulnerability class that you'd expect but is missing in the tool
- how the SAST defined DAST scan plan fares against your code repo
If you got this far, thanks for reading and hope you find this useful 🙂
0
0 repliesReplies (0)
No replies yet.
