Starter+ Plan

Developer Security Scanner

Scan GitHub repositories and local paths for secrets, SAST vulnerabilities, and vulnerable dependencies — all in one command.

cybermind /devsec https://github.com/owner/repo
🔑

Secret Scanning

trufflehog + gitleaks scan full git history for API keys, tokens, and credentials

🔍

SAST Analysis

semgrep with the p/security-audit ruleset finds injection flaws, XSS, and logic bugs

📦

Dependency Audit

trivy, npm audit, and pip-audit find vulnerable packages with CVE mapping

🤖

AI Remediation

AI classifies severity, maps to MITRE ATT&CK, and provides exact fix commands

$ cybermind /devsec https://github.com/example/webapp

  🔐 DEVSEC — Developer Security Scanner
  ────────────────────────────────────────────────────────────

  [devsec] cloning https://github.com/example/webapp...
  [devsec] phase 1: secret scanning...
  [devsec] running trufflehog...
  [devsec] running gitleaks...
  [devsec] phase 2: SAST...
  [devsec] running semgrep...
  [devsec] phase 3: dependency audit...
  [devsec] running trivy...
  [devsec] running npm audit...
  [devsec] sending findings to AI for analysis...

  ╔══════════════════════════════════════════════════════════╗
  ║              🔐 DevSec AI Analysis                      ║
  ╚══════════════════════════════════════════════════════════╝

  CRITICAL: AWS_SECRET_KEY found in .env.backup (line 12)
    → MITRE ATT&CK: T1552.001 — Credentials in Files
    → Fix: Rotate key immediately, add .env* to .gitignore

  HIGH: SQL injection in src/db/query.js (line 47)
    → CVE mapping: CWE-89
    → Fix: Use parameterized queries

  HIGH: lodash 4.17.15 — CVE-2021-23337 (CVSS 7.2)
    → Fix: npm install lodash@4.17.21

Starter plan · ₹85/mo · Unlimited devices