sodiumcyber/brine

Brine

Brine is a streamlined security assistant that wraps multiple open-source code security testing tools into a single interface. It bridges raw CLI output and actionable security intelligence by automating full-stack code audits through a simple GUI.

Brine supports one-click tool installation, one-click scanning, and exportable results in JSON or TXT formats. It runs only tools that are relevant to the selected codebase.

Included Toolset

  • Secret scanning: Gitleaks, TruffleHog
  • SCA and dependency checks: pip-audit, Safety, npm, yarn
  • Infrastructure as Code (IaC): Checkov, tfsec, Hadolint
  • Static analysis (SAST): Bandit
  • Internal engine: Eleven (OWASP Top 10 sweep)

Key Features

  • Unified reporting across multiple scanners into normalized JSON or TXT output
  • Native tool management with install and update workflows from the GUI
  • Custom auditing via Eleven to complement external scanner results
  • High-level visual dashboard for rapid triage and review
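
Merging reports from several scanners into one normalized list, shown as an added example that is not Brine's own code. The unified schema, the HIGH default for secret findings, the function names and the sample data are assumptions; the input field names follow the JSON reports of Gitleaks, Bandit and pip-audit.

```javascript
// Unified schema (assumed here): {tool, rule, severity, file, line, message}
const RANK = { HIGH: 3, MEDIUM: 2, LOW: 1, UNKNOWN: 0 };

// Gitleaks report: array of findings. Secret and Match are dropped on purpose
// so the merged report never carries the credential itself.
const fromGitleaks = (report) => report.map((f) => ({
  tool: "gitleaks", rule: f.RuleID, severity: "HIGH", // Gitleaks emits no severity; HIGH is an assumed default
  file: f.File, line: f.StartLine, message: f.Description,
}));

// Bandit report: { results: [...] } with issue_severity LOW/MEDIUM/HIGH.
const fromBandit = (report) => (report.results || []).map((r) => ({
  tool: "bandit", rule: r.test_id, severity: r.issue_severity || "UNKNOWN",
  file: r.filename, line: r.line_number, message: r.issue_text,
}));

// pip-audit report: { dependencies: [{ name, version, vulns: [...] }] }, no severity field.
const fromPipAudit = (report, manifest) => (report.dependencies || []).flatMap((d) =>
  (d.vulns || []).map((v) => ({
    tool: "pip-audit", rule: v.id, severity: "UNKNOWN", file: manifest, line: null,
    message: `${d.name} ${d.version}; fixed in: ${(v.fix_versions || []).join(", ") || "none listed"}`,
  })));

// Merge all reports, drop repeats of the same finding, sort highest severity first.
function normalize({ gitleaks = [], bandit = {}, pipAudit = {}, manifest = "requirements.txt" }) {
  const seen = new Set();
  return [...fromGitleaks(gitleaks), ...fromBandit(bandit), ...fromPipAudit(pipAudit, manifest)]
    .filter((f) => {
      const key = [f.tool, f.rule, f.file, f.line].join("|");
      if (seen.has(key)) return false; // e.g. one secret reported for several commits
      seen.add(key);
      return true;
    })
    .sort((a, b) => (RANK[b.severity] ?? 0) - (RANK[a.severity] ?? 0));
}

// Constructed sample reports (not real scanner output).
const SAMPLE = {
  gitleaks: [
    { RuleID: "generic-api-key", File: "app/config.py", StartLine: 12, Description: "Generic API key", Secret: "EXAMPLE-NOT-A-REAL-KEY", Commit: "aaaa111" },
    { RuleID: "generic-api-key", File: "app/config.py", StartLine: 12, Description: "Generic API key", Secret: "EXAMPLE-NOT-A-REAL-KEY", Commit: "bbbb222" },
  ],
  bandit: { results: [
    { test_id: "B105", filename: "app/config.py", line_number: 12, issue_severity: "LOW", issue_text: "Possible hardcoded password" },
    { test_id: "B602", filename: "app/run.py", line_number: 40, issue_severity: "HIGH", issue_text: "subprocess call with shell=True" },
  ] },
  pipAudit: { dependencies: [{ name: "examplepkg", version: "1.0.0", vulns: [{ id: "EXAMPLE-VULN-ID", fix_versions: ["1.0.1"] }] }] },
};

console.log(JSON.stringify(normalize(SAMPLE), null, 2));
```

The Gitleaks and Bandit findings on app/config.py line 12 stay separate because the key includes the tool name; collapsing cross-tool overlaps would need a key on file and line only.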

System Dependencies

The following system-level dependencies are required for building and running Brine and its integrated toolchain.

  • nodejs
  • npm
  • python3
  • python3-venv
  • python3-pip
  • git
  • curl

Additional external scanners may have their own prerequisites (for example container, IaC, or language-specific tooling).

Quick Start

npm install
npm start

Build Installer Artifacts

npm run dist

This generates Linux installer artifacts (AppImage and Debian package) using Electron Builder.

Releases

For GitHub distribution:

  1. Build installer artifacts with npm run dist
  2. Create a new GitHub release
  3. Upload generated installer files (for example .AppImage and .deb) as release assets

License

This project is released under the MIT License. See LICENSE for full terms.
