DMontgomery40/SecurityLens

Because everyone should be able to explore cybersecurity—no fancy tools or gatekeeping required.

Your Journey into Security Starts Here!

Ever wondered how hackers find vulnerabilities? Want to learn how to protect websites and apps? You're in the right place! Drop in your code or website, and let's discover security together in a way that's fun, practical, and totally beginner-friendly.


What is SecurityLens?

SecurityLens is an educational tool designed to bridge the gap between curious minds and real-world security concepts. No need for advanced command-line skills or pricey security suites. If you can paste a link or drag a file, you're good to go!

Why This Matters

  • Security should be accessible: Tools like Kali Linux or Burp Suite can feel daunting to a newcomer.
  • Hands-on learning: We believe you learn better by trying things, not just reading about them.
  • Next-gen security pros: We need more people (of all ages!) excited about protecting digital spaces.

How It Works

  1. Scan a GitHub Repo: Paste in the URL of an open-source project or your personal repo.
  2. Check a Live Website: Curious if a site has potential issues? Enter the address—no special setup needed.
  3. Analyze Local Code: Drag and drop files from your machine to see what might be lurking in your own projects.
  4. Firmware/Binary (Coming Soon!): We're working on a mini-lab approach to help you peek inside binaries without advanced tools.

Understanding Your Discoveries

When you run a scan, you'll see potential issues sorted by severity:

  • CRITICAL:
    Whoa! Immediate attention needed—like leaving your front door wide open!
  • HIGH:
    Serious stuff—like a weak lock that a determined intruder could easily crack.
  • MEDIUM:
    Worth fixing—think of it as upgrading old locks to sturdier ones.
  • LOW:
    Good practice—like adding a camera to an already secure house. Always nice to have.

Each finding includes a quick explanation of why it matters, some code examples, multiple references to learn more, and tips to fix it—so you can learn and apply that knowledge going forward.


Pro Tips for New Security Researchers

  • Look deeper: Don't just stop at the first warning. Real security experts always ask "Why?"
  • Examine the code: Our examples show you exactly where vulnerabilities might lurk.
  • Explore solutions: We provide "safe" snippets or pointers to help you patch issues effectively.
  • No gatekeeping: If you don't know a term, no worries! That's why we're here—to make it clear and approachable.

Quick Start (Local Dev)

# 1. Clone the repository
git clone https://github.com/DMontgomery40/SecurityLens.git

# 2. Install dependencies
npm install

# 3. Run the development server
npm run dev

# 4. Build for production
npm run build

Open the app in your browser, and you're off to the races. No advanced CLI wizardry needed—just your curiosity!


Command-Line Scanner

SecurityLens also ships with a fully-featured CLI that you can use outside of the web UI.

# Display the built-in help
npx securitylens --help

# Scan a local path (file or directory)
npx securitylens scan ./path/to/project

# Scan a public GitHub repository
npx securitylens scan-repo https://github.com/owner/repo

# Exit codes follow common CI conventions – the process exits with 1 when
# CRITICAL or HIGH vulnerabilities are found so you can gate builds easily.

If you need to access private repositories remember to provide a GitHub token:

GITHUB_TOKEN=ghp_... npx securitylens scan-repo https://github.com/owner/private-repo
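The exit-code convention above is what makes the CLI usable as a build gate. The script below is an added example, not part of the SecurityLens repository, showing one way to wrap the scanner in a CI step. It assumes only what the README states (exit 0 means no CRITICAL/HIGH findings, exit 1 means there are some) and adds one practitioner caveat: any other status is treated as "the scanner did not finish" (bad path, crash, network failure) and also blocks the build, so a broken scan can never pass silently. The function and message names are this example's own.

```shell
#!/bin/sh
# Added example, not part of the SecurityLens repository: a small CI gate built
# on the exit-code contract described in the README (0 = no CRITICAL/HIGH
# findings, 1 = CRITICAL/HIGH findings). Any other status is treated as
# "the scanner did not finish" so a crashed or misconfigured scan cannot pass.

# classify_scan_status STATUS -> prints clean | findings | error
classify_scan_status() {
  case "$1" in
    0) echo clean ;;
    1) echo findings ;;
    *) echo error ;;
  esac
}

# run_scan_gate CMD [ARGS...]
# Runs the scanner command, then returns the status the CI step should use:
#   0 -> clean, the build may continue
#   1 -> CRITICAL/HIGH findings, block the build
#   2 -> scanner error, block the build for a different reason
run_scan_gate() {
  if "$@"; then status=0; else status=$?; fi
  case "$(classify_scan_status "$status")" in
    clean)
      echo "securitylens: no CRITICAL or HIGH findings"
      return 0 ;;
    findings)
      echo "securitylens: CRITICAL or HIGH findings reported (exit $status); failing the build" >&2
      return 1 ;;
    *)
      echo "securitylens: scanner did not complete (exit $status); failing the build" >&2
      return 2 ;;
  esac
}

# When given a path on the command line, gate a real scan of that path.
# With no argument only the functions are defined, so the file can be sourced
# from another CI script.
if [ -n "${1:-}" ]; then
  run_scan_gate npx securitylens scan "$1"
  exit $?
fi
```

In a pipeline you would call it as `sh ci-gate.sh .` (or `run_scan_gate npx securitylens scan-repo https://github.com/owner/repo` after sourcing it); the distinct status for scanner errors lets the pipeline report "scan failed to run" separately from "scan found problems", which matters when the token for a private repository is missing or expired.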

Docker Support 🚢

Prefer containers? We've got you covered! The repository includes a production-ready Dockerfile that bundles both the static web interface and the CLI.

1. Build the image

docker build -t securitylens .

2. Run the web UI

# Expose the Vite preview server on http://localhost:4173
docker run --rm -p 4173:4173 securitylens

3. Use the CLI inside the container

# Show help
docker run --rm securitylens securitylens --help

# Scan the current folder (mount it inside the container)
docker run --rm -v "$(pwd)":/workspace securitylens \
  securitylens scan /workspace

# Scan a GitHub repo with a token
docker run --rm -e GITHUB_TOKEN=$GITHUB_TOKEN securitylens \
  securitylens scan-repo https://github.com/owner/repo

Because the CLI is the container's entrypoint command, anything that comes after the image name is forwarded directly to securitylens. Feel free to pass all the regular flags shown in the examples above.


Roadmap

Now

  • Basic vulnerability scanning
  • Educational how-to-fix guides
  • GitHub integration

Up Next

  • Firmware/binary scanning in a mini-lab environment
  • Interactive tutorials & challenges
  • More advanced patterns & "cheat codes" for security

Contributing & Community

We want your input—whether you're a seasoned dev or just got your first "Hello, World!":

  • Have ideas for new vulnerability checks? Let us know!
  • Found a bug? Open an issue.
  • Want to make it better? PRs welcome.

Check out our CONTRIBUTING.md for more on how to get involved.


License

Distributed under the MIT License. Because knowledge—and security—should be free for everyone.


Built by people who remember what it's like to be beginners, for the next generation of security heroes.
