SecureCodeAuditor is an AI-powered security tool that helps developers identify and fix vulnerabilities in their code. Just upload a ZIP file containing your code files, and the tool will scan it using intelligent AI agents to detect security issues. It supports multiple programming languages and provides clear, actionable suggestions to improve your code’s safety. With a modern, user-friendly interface, SecureCodeAuditor brings powerful security insights to your fingertips.
- Multi-File Analysis: Upload ZIP files containing multiple code files for batch analysis.
- AI-Powered Vulnerability Detection: Uses AI Agents to identify vulnerabilities such as:
  - XML External Entity (XXE) attacks
  - API Misuse
  - Insecure Direct Object References (IDOR)
  - SQL Injection
  - Command Injection
  - Cross-Site Scripting (XSS)
  - Clickjacking
- Rate Limiting: Protects the API from abuse with request rate limits.
- Multithreading: Utilizes multithreading to process multiple files simultaneously, along with parallel execution of the agents for each file.
- Frontend: React and Tailwind CSS
- Backend: FastAPI
- AI Agents: LangGraph
- Containerization: Docker
- Clone the repository: `git clone https://github.com/Armaan457/SecureCodeAuditor`
- Navigate to the `Backend` directory: `cd Backend`
- Create and activate a virtual environment: `python -m venv env`, then `env\Scripts\activate`
- Install dependencies: `pip install -r requirements.txt`
- Create a `.env` file and add your Gemini API key/s: `GEMINI_API_KEY = ...`
- Run the server: `python main.py`
- Navigate to the `Frontend` directory: `cd Frontend`
- Install dependencies: `npm install`
- Start the development server: `npm run dev`
- Open your browser and go to `http://localhost:5173` (or the port shown in your terminal).
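
The ZIP upload and multithreading features listed above, sketched as an added example that is not the project's own code: the archive is read in memory with an entry limit, a traversal-name check and a cap on decompressed bytes, then each file is fanned out to agents in parallel. The limits, the extension list, all function names and the two pattern-matching agents are assumptions standing in for the tool's LangGraph agents.

```python
import io
import zipfile
from concurrent.futures import ThreadPoolExecutor
from pathlib import PurePosixPath
# Assumed limits and extensions; the README does not give the project's values.
MAX_ENTRIES, MAX_TOTAL_BYTES = 200, 5 * 1024 * 1024
CODE_EXTS = {".py", ".js", ".java", ".php"}

def read_code_files(zip_bytes, max_total=MAX_TOTAL_BYTES):
    files, total = {}, 0  # read in memory; nothing is written to disk
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        if len(zf.infolist()) > MAX_ENTRIES:
            raise ValueError("too many entries")
        for info in zf.infolist():
            path = PurePosixPath(info.filename.replace("\\", "/"))
            if path.is_absolute() or ".." in path.parts:  # reject traversal names
                raise ValueError(f"unsafe entry name: {info.filename}")
            if info.is_dir() or path.suffix.lower() not in CODE_EXTS:
                continue
            # Cap the bytes actually read instead of trusting the declared size.
            with zf.open(info) as fh:
                data = fh.read(max_total - total + 1)
            total += len(data)
            if total > max_total:
                raise ValueError("archive expands past the size limit")
            files[str(path)] = data.decode("utf-8", errors="replace")
    return files

# Hypothetical stand-ins for the AI agents: source text in, finding or None out.
AGENTS = [
    lambda s: "possible SQL injection" if "execute(" in s and "%" in s else None,
    lambda s: "possible command injection" if "os.system(" in s else None,
]

def scan_file(item):
    name, src = item
    with ThreadPoolExecutor(max_workers=len(AGENTS)) as pool:  # agents in parallel
        return name, [f for f in pool.map(lambda agent: agent(src), AGENTS) if f]

def scan_zip(zip_bytes, workers=4):
    with ThreadPoolExecutor(max_workers=workers) as pool:  # files in parallel
        return dict(pool.map(scan_file, read_code_files(zip_bytes).items()))

def make_zip(entries):  # builds constructed sample archives for trying it out
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, text in entries.items():
            zf.writestr(name, text)
    return buf.getvalue()
```

Calling `scan_zip(make_zip({...}))` with a dict of file names to source text returns a dict of file names to findings; non-code entries are skipped.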