Analysis updated 2026-05-18
Scan a codebase for logic-level security bugs an AI coding agent introduced.
Watch a project directory and re-scan automatically as code changes.
Fail a CI pipeline when new security findings appear in a pull request.
Generate a detailed proof-of-concept writeup for a specific vulnerability.
| zoroo2626/crysa | 0xhassaan/nn-from-scratch | 3ks/embedoc | |
|---|---|---|---|
| Stars | 0 | 0 | — |
| Language | Python | Python | Python |
| Last pushed | — | — | 2023-06-08 |
| Maintenance | — | — | Dormant |
| Setup difficulty | easy | moderate | hard |
| Complexity | 3/5 | 4/5 | 1/5 |
| Audience | developer | developer | developer |
Figures from each repo's GitHub metadata at analysis time.
Requires an OpenAI-compatible API key, no Docker or database needed.
Crysa is a command line tool built to catch security problems in code, but it takes a different approach than typical scanning tools. Rather than matching known bad patterns with regular expressions, it sends your code to a large language model and asks it to reason about the code the way a human bug bounty hunter would, thinking about what an attacker could actually do with it. The README explains that this matters because AI coding assistants can write functional code quickly while still missing subtle logic mistakes, such as forgetting to check whether a user actually owns the item they are updating, or accepting more fields in a request than the developer intended. These are the kinds of bugs a traditional pattern based scanner tends to miss, since they require understanding what the code is supposed to do rather than just its syntax. Before reviewing files, Crysa first builds an internal snapshot of the project, learning what web framework is used, how authentication works, what routes exist, and what user roles are defined, so its later reasoning about each file has real context. Installation is a simple pip install, with no Docker container or database required, and it can connect to any API service that follows the OpenAI request format. Once installed, a user can scan a whole folder or a single file, watch a folder continuously while an AI coding agent is actively writing code, or scan just the changes in a git diff before committing. Results can be shown directly in the terminal, saved as JSON, or exported in the SARIF format used by GitHub's code scanning feature, which makes it usable inside a continuous integration pipeline. There is also a mode that runs Crysa as an MCP server so AI coding tools like Claude Code or Cursor can call it directly, and a command that generates a detailed writeup and proof of concept for any single finding.
Crysa is a command line security scanner that uses an LLM to reason about code like a bug bounty hunter, catching logic flaws regex-based scanners miss.
Mainly Python. The stack also includes Python, CLI, MCP.
No license information is stated in the README.
Setup difficulty is rated easy, with roughly 5min to a first successful run.
Mainly developer.
This repo across BitVibe Labs
Verify against the repo before relying on details.