Fast, deterministic security scanner powered by AST analysis. 17 detection rules covering OWASP Top 10.
$ pip install mikmbr
$ mikmbr scan .
Found 3 security issue(s):
[HIGH] src/app.py:12
Rule: DANGEROUS_EXEC
CWE: CWE-95
OWASP: A03:2021 - Injection
Issue: Use of eval() allows arbitrary code execution
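The finding above is the kind of result an AST rule produces. The following is an added example of how such a rule works, not mikmbr's own code: it walks a module's syntax tree with Python's `ast` module and flags `eval()`/`exec()`, `os.system()` and `subprocess` calls with `shell=True`, printing each hit in a shape similar to the scanner's output. The rule names other than DANGEROUS_EXEC, the sample source and the alias handling are assumptions made for the example.

```python
"""Minimal AST-based rule scanner (added example, not mikmbr's implementation).

Assumptions: the rule ids COMMAND_INJECTION and SUBPROCESS_SHELL are invented
for this example; only DANGEROUS_EXEC appears on the page. Calls are resolved
by their dotted name as written, so `import subprocess as sp` or
`from subprocess import run` would not be matched by this toy resolver.
"""
import ast
from dataclasses import dataclass


@dataclass(frozen=True)
class Finding:
    severity: str
    path: str
    line: int
    rule: str
    cwe: str
    owasp: str
    message: str


SUBPROCESS_FUNCS = {
    "subprocess.run", "subprocess.call", "subprocess.Popen",
    "subprocess.check_output", "subprocess.check_call",
}
INJECTION = "A03:2021 - Injection"


def _call_name(node: ast.Call) -> str:
    """Dotted name of the called expression, e.g. 'subprocess.run' or 'eval'."""
    parts = []
    func = node.func
    while isinstance(func, ast.Attribute):
        parts.append(func.attr)
        func = func.value
    if isinstance(func, ast.Name):
        parts.append(func.id)
    return ".".join(reversed(parts))


class RuleVisitor(ast.NodeVisitor):
    def __init__(self, path: str):
        self.path = path
        self.findings = []

    def visit_Call(self, node: ast.Call) -> None:
        name = _call_name(node)
        if name in {"eval", "exec"}:
            self.findings.append(Finding(
                "HIGH", self.path, node.lineno, "DANGEROUS_EXEC", "CWE-95", INJECTION,
                f"Use of {name}() allows arbitrary code execution"))
        elif name == "os.system":
            self.findings.append(Finding(
                "HIGH", self.path, node.lineno, "COMMAND_INJECTION", "CWE-78", INJECTION,
                "os.system() passes its argument to a shell"))
        elif name in SUBPROCESS_FUNCS:
            # Only the keyword form shell=True is checked; a list argv without
            # shell=True goes straight to execve and is not flagged.
            for kw in node.keywords:
                if kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                    self.findings.append(Finding(
                        "HIGH", self.path, node.lineno, "SUBPROCESS_SHELL", "CWE-78", INJECTION,
                        f"{name}() with shell=True interprets its command through a shell"))
        self.generic_visit(node)


def scan_source(source: str, path: str) -> list:
    """Parse one module and return its findings in source order."""
    visitor = RuleVisitor(path)
    visitor.visit(ast.parse(source, filename=path))
    return visitor.findings


def format_finding(f: Finding) -> str:
    return (f"[{f.severity}] {f.path}:{f.line}\nRule: {f.rule}\n"
            f"CWE: {f.cwe}\nOWASP: {f.owasp}\nIssue: {f.message}")


# Constructed sample module: three risky calls and one safe subprocess call.
SAMPLE_SOURCE = '''import os
import subprocess

def run(user_input):
    result = eval(user_input)
    os.system("ls " + user_input)
    subprocess.run(["ls"], shell=True)
    subprocess.run(["ls", user_input])  # list argv, no shell: not flagged
    return result
'''

if __name__ == "__main__":
    hits = scan_source(SAMPLE_SOURCE, "src/app.py")
    print(f"Found {len(hits)} security issue(s):")
    for hit in hits:
        print(format_finding(hit))
```

Running the block reports three findings (lines 5, 6 and 7 of the sample) and leaves the list-argv `subprocess.run` call alone, which is the distinction a command-injection rule has to draw.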
17 security rules covering SQL injection, command injection, hardcoded secrets, SSRF, template injection, and more.
Built on Python AST analysis. Scans typical repositories in seconds with zero false positives.
YAML-based configuration for custom rules, severity levels, and output formats. Perfect for CI/CD.
Three-layer hardcoded-secret detection: 12+ known patterns (AWS, GitHub), entropy analysis, and variable name detection.
Runs entirely offline. Your code never leaves your machine. No cloud required.
Every finding includes CWE/OWASP references, detailed explanations, and fix suggestions.
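The three-layer secret detection described above can be shown end to end. The block below is an added example, not mikmbr's own code: it walks a module's AST, and for every string constant assigned to a name or passed as a keyword argument it applies, in order, a known-format pattern check, a Shannon-entropy check, and an identifier-name check. The two regexes, the entropy threshold and the list of name hints are assumptions chosen for the example, and the sample credentials are constructed (the AWS key is the documented AWS example key).

```python
"""Three-layer hardcoded-secret detection over a Python AST.

Added example, not mikmbr's implementation. The patterns, thresholds and
identifier hints below are assumptions for illustration; a real scanner
would carry many more formats and tune the threshold per string class.
"""
import ast
import math
import re
from collections import Counter
from dataclasses import dataclass
from typing import Optional, Tuple

# Layer 1: known credential formats (two of the "12+" kinds, as an illustration).
KNOWN_PATTERNS = {
    "AWS access key id": re.compile(r"AKIA[0-9A-Z]{16}"),
    "GitHub personal access token": re.compile(r"ghp_[A-Za-z0-9]{36}"),
}
# Layer 2: Shannon entropy in bits per character, applied only to long strings.
ENTROPY_THRESHOLD = 4.5
MIN_ENTROPY_LENGTH = 20
# Layer 3: identifier fragments that suggest a credential.
SECRET_NAME_HINTS = ("password", "passwd", "secret", "token", "api_key", "apikey", "private_key")


@dataclass(frozen=True)
class SecretFinding:
    line: int
    name: str
    layer: str  # "pattern", "entropy" or "name"
    detail: str


def shannon_entropy(s: str) -> float:
    """Bits per character; 32 distinct characters used once each give exactly 5.0."""
    if not s:
        return 0.0
    n = len(s)
    return -sum(c / n * math.log2(c / n) for c in Counter(s).values())


def classify(name: str, value: str) -> Optional[Tuple[str, str]]:
    """Return (layer, detail) for a suspicious literal, or None if it looks benign."""
    for label, pattern in KNOWN_PATTERNS.items():
        if pattern.search(value):
            return "pattern", label
    if len(value) >= MIN_ENTROPY_LENGTH:
        bits = shannon_entropy(value)
        if bits >= ENTROPY_THRESHOLD:
            return "entropy", f"{bits:.2f} bits/char"
    lowered = name.lower()
    if any(hint in lowered for hint in SECRET_NAME_HINTS):
        return "name", f"identifier {name!r} suggests a credential"
    return None


class SecretVisitor(ast.NodeVisitor):
    def __init__(self):
        self.findings = []

    def _check(self, name: str, value_node: ast.AST, line: int) -> None:
        # Only literal strings are candidates; values read from the environment
        # or a vault are expressions, not constants, and are skipped.
        if isinstance(value_node, ast.Constant) and isinstance(value_node.value, str):
            hit = classify(name, value_node.value)
            if hit:
                self.findings.append(SecretFinding(line, name, hit[0], hit[1]))

    def visit_Assign(self, node: ast.Assign) -> None:
        for target in node.targets:
            if isinstance(target, ast.Name):
                self._check(target.id, node.value, node.lineno)
        self.generic_visit(node)

    def visit_Call(self, node: ast.Call) -> None:
        for kw in node.keywords:
            if kw.arg:  # skip **kwargs
                self._check(kw.arg, kw.value, node.lineno)
        self.generic_visit(node)


def scan_for_secrets(source: str) -> list:
    visitor = SecretVisitor()
    visitor.visit(ast.parse(source))
    return visitor.findings


# Constructed sample: one hit per layer, plus two benign lines that must stay quiet.
SAMPLE_SOURCE = '''import os
AWS_ACCESS_KEY = "AKIAIOSFODNN7EXAMPLE"
gh = "ghp_A1b2C3d4E5f6G7h8I9j0K1l2M3n4O5p6Q7r8"
signing_salt = "q7Wz2XpL9mK4vN8bR3tY6hJ0cF5gD1sA"
password = "hunter2"
api_key = os.environ["API_KEY"]
banner = "Welcome back, we are glad to see you"
db.connect(user="app", password="s3cr3t-pass")
'''

if __name__ == "__main__":
    for f in scan_for_secrets(SAMPLE_SOURCE):
        print(f"line {f.line}: {f.name} flagged by {f.layer} layer ({f.detail})")
```

Layer order matters: the pattern check runs first because it carries the most specific explanation, entropy catches random-looking material under an innocuous name (the `signing_salt` line), and the name check covers short values such as `password = "hunter2"` that neither of the other layers can see. The `api_key = os.environ[...]` line is the correct pattern and is never flagged because its value is not a literal.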
pip install mikmbr
mikmbr scan .
mikmbr scan . --verbose
mikmbr scan . --format json
mikmbr scan . --config .mikmbr.yaml
Comprehensive coverage of OWASP Top 10 2021
CWE      Detection
CWE-94   Detects SSTI vulnerabilities in Jinja2, Mako, Django templates
CWE-89   String concatenation, f-strings, unsafe ORM queries
CWE-78   os.system(), subprocess with shell=True
CWE-798  Smart detection: patterns, entropy, variable names
CWE-918  Server-Side Request Forgery in requests, urllib
CWE-601  Unvalidated redirects in Flask, Django, FastAPI
CWE-208  Non-constant-time password/token comparisons
CWE-117  Unsanitized user input in logging statements

Catch vulnerabilities before they reach production. Integrate into your IDE or pre-commit hooks.
Enforce security standards across your codebase. Configure rules per project.
Automated security scanning in GitHub Actions, GitLab CI, Jenkins. Fail builds on critical issues.
Learn secure coding practices. Each finding includes CWE/OWASP references and fix suggestions.
Free, open source, and runs entirely offline.
pip install mikmbr && mikmbr scan .