Skip to content
/ CodePhantom Public

A framework for software security analysis, combining static, dynamic and fuzz testing.

License

View license
0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Areenzor/CodePhantom

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

45 Commits
analyzers
analyzers
 
 
api
api
 
 
config
config
 
 
core
core
 
 
security
security
 
 
templates
templates
 
 
test-data
test-data
 
 
ui
ui
 
 
utils
utils
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.gradle
build.gradle
 
 
pom.xml
pom.xml
 
 

Repository files navigation

CodePhantom

Comprehensive Security Analysis Framework for Developers

CodePhantom is a high-performance, modular framework that empowers developers and security engineers to detect vulnerabilities in software applications. It offers Static Analysis, Dynamic Analysis, and Fuzz Testing capabilities through a modern, extensible architecture.

Key Features

  • Static Code Analysis: Uncover vulnerabilities in source code.
  • Dynamic Analysis: Monitor application behavior at runtime.
  • Fuzz Testing: Identify edge-case vulnerabilities.
  • RESTful API and CLI: Easy integration into CI/CD pipelines.
  • Web-Based Interface: Visualize analysis reports and trends.

Getting Started

Requirements

  • Java: Version 17 or higher
  • Build Tool: Gradle or Maven
  • OS: Cross-platform (Linux, macOS, Windows)

Installation

  1. Clone the repository:

    git clone https://github.com/areenzor/CodePhantom.git
cd CodePhantom

  2. Build the project using Gradle:

    ./gradlew build

    Or build using Maven:

    mvn clean package

Usage

Run the Application

  1. Command-Line Interface (CLI):

    java -jar build/libs/CodePhantom-1.0.0.jar

  2. Web Interface:

    • Start the web server: 
      java -jar build/libs/CodePhantom-1.0.0.jar --web
    • Open your browser and navigate to http://localhost:8080.

Run Tests

  • Using Gradle: 
    ./gradlew test
  • Using Maven: 
    mvn test

Project Structure

CodePhantom/  
├── core/                 # Application core and main components  
├── analyzers/            # Static, dynamic, and fuzz testing modules  
├── security/             # Security utilities (e.g., sanitizers)  
├── utils/                # Helper classes (e.g., logging, file utilities)  
├── ui/                   # Web and CLI interfaces  
├── api/                  # RESTful API implementation  
├── resources/            # Configuration, templates, and test data  
├── test/                 # Unit and integration tests

Contributing

Contributions are welcome! Please follow these steps to contribute:

  1. Fork the repository.
  2. Create a feature branch: 
    git checkout -b feature/your-feature
  3. Commit changes and push to your branch.
  4. Create a pull request detailing your changes.

Please ensure that your code adheres to the project’s coding style and passes all tests.

License

This project is licensed under the Apache License 2.0.

Contact and Support

For questions, feedback, or support:

Acknowledgments

Special thanks to the open-source community and contributors for their continued support in making CodePhantom a cutting-edge tool for software security analysis.

About

A framework for software security analysis, combining static, dynamic and fuzz testing.

Topics

cybersecurity vulnerability codeanalysis staticanalysis devsecops securecode appsecurity fuzztesting dynamictesting

Resources

Readme

License

View license
Activity

Stars

0 stars

Watchers

1 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages