Skip to content

Deepam02/SecureRabbit

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
cmd/securerabbit
cmd/securerabbit
 
 
docs
docs
 
 
internal
internal
 
 
.gitignore
.gitignore
 
 
.securerabbit.yml.example
.securerabbit.yml.example
 
 
IMPLEMENTATION.md
IMPLEMENTATION.md
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 

Repository files navigation

SecureRabbit 🐰🔒

Go Version License Build Status

SecureRabbit is an advanced security code analysis tool that combines static analysis with AI-powered deep reasoning to detect OWASP Top 10 vulnerabilities in your codebase.

🚀 Quick Start

# Install
go install github.com/deepam02/securerabbit/cmd/securerabbit@latest

# Initialize configuration
securerabbit init

# Run your first scan
export OPENAI_API_KEY="your-api-key"
securerabbit scan --mode smart

✨ Key Features

  • 🔍 Hybrid Analysis Engine - Combines static rules with LLM intelligence
  • 🤖 Multi-LLM Support - Works with OpenAI, Anthropic Claude, and Google Gemini
  • 🎯 Smart Scanning - Prioritizes high-risk files for efficient analysis
  • 📊 Multiple Scan Modes - Deep, Smart, and Git Diff scanning
  • 🛡️ OWASP Top 10 Coverage - Comprehensive security vulnerability detection
  • 📝 Flexible Reports - JSON and Markdown output formats
  • Fast & Concurrent - Parallel processing for large codebases

📖 Documentation

Comprehensive documentation is available in the docs/ directory:

  • 📘 Getting Started - Installation, setup, and your first scan
  • 📗 Usage Guide - Complete command reference and examples
  • 📙 Configuration - Configure LLM providers, rules, and output
  • 🔒 Security - Best practices, API key management, and compliance

🎯 Use Cases

  • Pre-commit Hooks - Catch vulnerabilities before they reach your repository
  • CI/CD Pipelines - Automated security scanning in your build process
  • Code Reviews - AI-assisted security review for pull requests
  • Security Audits - Comprehensive analysis of existing codebases
  • Developer Training - Learn secure coding practices through detailed findings

🛠️ Supported Languages

  • ✅ Go (with AST analysis)
  • ✅ Python
  • ✅ JavaScript/TypeScript
  • ✅ Java
  • ✅ C/C++
  • ✅ C#
  • ✅ Ruby
  • ✅ PHP

📊 Example Output

# SecureRabbit Security Scan Report

**Generated:** 2024-12-06 14:30:45

## Summary
- Files Scanned: 42
- Total Findings: 8
- Critical: 2 | High: 3 | Medium: 2 | Low: 1

### Critical Issues
🔴 Hardcoded AWS Access Key (Line 45)
🔴 SQL Injection Vulnerability (Line 123)

🤝 Contributing

We welcome contributions! Please check out the documentation and feel free to open issues or submit pull requests.

📄 License

MIT License - see LICENSE file for details.

🙏 Credits

Developed by @deepam02

Need Help? Check out our Getting Started Guide or open an issue.

About

SecureRabbit is a comprehensive security code analysis tool written in Go that combines static analysis with AI-powered deep reasoning to detect OWASP Top 10 vulnerabilities.

Resources

Readme

Security policy

Security policy
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages