Ernket / CodeScan

Public

A code audit platform that calls on AI | Utilize the AI-based code audit platform

18
5
100% credibility
Found Apr 08, 2026 at 18 stars.
AI Analysis
Go
AI Summary

CodeScan is a self-hosted web app that uses AI to perform detailed security audits on uploaded source code zip files, generating structured reports on vulnerabilities across multiple stages.

How It Works

1. 🖥️ Open the scanner: launch the web dashboard on your own machine to start auditing your code.
2. 📤 Upload your code: drag and drop a zip of your project files to begin the analysis.
3. 🗺️ Map the paths: the scanner automatically discovers the routes and entry points in your app.
4. 🔍 Run deep checks: pick security areas such as remote code execution or data leaks and let the AI assistant scan them thoroughly.
5. ⚠️ Review discoveries: see the list of potential issues, confirm the real ones, and dismiss false positives.
6. 🔄 Double-check gaps: re-scan for missed spots or revalidate findings with a fresh pass.
7. 📄 Download report: export a complete HTML report to share or to work from while fixing your code.

AI-Generated Review

What is CodeScan?

CodeScan is a self-hosted AI-based code audit platform built in Go with a Vue frontend. Upload a ZIP of your codebase (up to 30MB) and it inventories routes, runs targeted security scans for RCE, injections, XSS, auth flaws, and more, then generates HTML reports. It removes much of the drudgery of manual code review by letting AI handle deep audits, with gap checks and revalidation of findings, and it fits code-scanning workflows that must not depend on a cloud service.

Why is it gaining traction?

It stands out for stage-by-stage audits that you control from the dashboard: run the initial scans, gap-check for misses, revalidate findings, and export polished reports. A bilingual UI (EN/ZH) and utilities such as JSON repair make it practical for real audits, unlike generic linters. Developers like the self-hosted model and the use of AI models such as Gemini for targeted vulnerability hunting rather than broad SAST rule sets.

Who should use this?

Backend teams auditing web apps before deploys, security engineers scanning untrusted code zips, or indie developers running checks on their Go/PHP/Node repos. It suits those tired of false positives in SonarQube or of manual pentests, especially if you want a simple, self-hosted upload-to-report flow.

Verdict

Worth a spin for AI-powered audits if you are comfortable tinkering: 18 stars and a 1.0% credibility score mark it as early alpha, with solid docs but light tests. Fork it and harden it yourself for serious use; it will not displace the established tools until it matures.
