-
Notifications
You must be signed in to change notification settings - Fork 0
Architecture
A comprehensive visual documentation of the Garrison Security Engine's architecture, data flows, and component relationships.
The Counterscarp Engine follows a modular, pipeline-based architecture with a central orchestrator coordinating multiple specialized security analyzers. The system is designed to be extensible, allowing optional analyzers to be integrated based on project requirements.
flowchart TD
subgraph Interfaces["User Interfaces"]
CLI["CLI"]
GUI["GUI"]
end
subgraph Orchestrator["Central Orchestrator"]
ORCH["Orchestrator"]
end
subgraph Analyzers["Security Analyzers"]
direction TB
STATIC["Static Analysis"]
DYNAMIC["Dynamic Analysis"]
HEURISTIC["Heuristic Scanner"]
SOLANA["Solana Analyzer"]
UPGRADE["Upgrade Diff"]
end
subgraph StaticTools["Static Tools"]
SLITHER["Slither"]
ADERYN["Aderyn"]
MYTHRIL["Mythril"]
end
subgraph DynamicTools["Dynamic Tools"]
FOUNDRY["Foundry Fuzz"]
MEDUSA["Medusa"]
end
subgraph ThreatIntel["Threat Intelligence"]
KNOWLEDGE["Knowledge Fetcher"]
SOLANA_INTEL["Solana Intel"]
C4["Code4rena"]
IMMUNEFI["Immunefi"]
SOLODIT["Solodit"]
end
subgraph SupplyChain["Supply Chain"]
SCC["Supply Chain Check"]
OSV["OSV.dev API"]
end
subgraph Innovative["Innovative Features"]
direction TB
RAG["RAG Engine"]
EMB["Embeddings"]
AG["Attack Graph"]
VIS["Visualizer"]
HIST["History Scanner"]
IDL["IDL Validator"]
PIPE["Pipeline Gen"]
FP["Fingerprint"]
PDB["Protocol DB"]
end
subgraph Infrastructure["Core Infrastructure"]
LOGGER["Logger"]
EXCEPTIONS["Exceptions"]
CONFIG["Config Loader"]
HTTP["HTTP Utils"]
end
subgraph Reporting["Report Generation"]
REPORT["Report Generator"]
HTML["HTML"]
MD["Markdown"]
SARIF["SARIF"]
end
subgraph External["External Tools"]
EXT_SLITHER["slither"]
EXT_ADERYN["aderyn"]
EXT_MEDUSA["medusa"]
EXT_MYTH["myth"]
EXT_FORGE["forge"]
EXT_OPENAI["OpenAI"]
EXT_ANTHROPIC["Anthropic"]
end
CLI --> ORCH
GUI --> ORCH
ORCH --> Analyzers
ORCH --> SupplyChain
ORCH --> ThreatIntel
ORCH --> Innovative
ORCH --> Reporting
STATIC --> SLITHER
STATIC --> ADERYN
STATIC --> MYTHRIL
DYNAMIC --> FOUNDRY
DYNAMIC --> MEDUSA
KNOWLEDGE --> C4
KNOWLEDGE --> IMMUNEFI
KNOWLEDGE --> SOLODIT
SCC --> OSV
RAG --> EMB
RAG --> EXT_OPENAI
RAG --> EXT_ANTHROPIC
AG --> VIS
FP --> PDB
SLITHER --> EXT_SLITHER
ADERYN --> EXT_ADERYN
MEDUSA --> EXT_MEDUSA
MYTHRIL --> EXT_MYTH
FOUNDRY --> EXT_FORGE
Analyzers -.-> LOGGER
Analyzers -.-> EXCEPTIONS
Analyzers -.-> CONFIG
ThreatIntel -.-> HTTP
SupplyChain -.-> HTTP
Innovative -.-> HTTP
Innovative -.-> LOGGER
Innovative -.-> CONFIG
HTTP -.-> LOGGER
HTTP -.-> CONFIG
REPORT --> HTML
REPORT --> MD
REPORT --> SARIF
The orchestrator executes a 13-phase sequential pipeline. Each phase can be enabled/disabled via configuration or command-line flags. Optional phases are marked with decision nodes.
flowchart TD
START(["Start"]) --> DEC0
DEC0{"RAG?"} -->|Yes| PHASE0
DEC0 -->|No| PHASE1
PHASE0["Phase 0: RAG Enrichment"] --> PHASE1
PHASE1["Phase 1: Supply Chain"] --> PHASE2
PHASE2["Phase 2: Slither Analysis"] --> DEC2
DEC2{"Aderyn?"} -->|Yes| PHASE2B
DEC2 -->|No| DEC3
PHASE2B["Phase 2B: Aderyn"] --> DEC3
DEC3{"Foundry?"} -->|Yes| PHASE3
DEC3 -->|No| DEC4
PHASE3["Phase 3: Foundry Fuzz"] --> DEC4
DEC4{"Medusa?"} -->|Yes| PHASE3B
DEC4 -->|No| DEC4A
PHASE3B["Phase 3B: Medusa"] --> DEC4A
DEC4A{"Fingerprint?"} -->|Yes| PHASE3C
DEC4A -->|No| PHASE4
PHASE3C["Phase 3C: Fingerprint"] --> PHASE4
PHASE4["Phase 4: Heuristic Scan"] --> DEC5
DEC5{"Mythril?"} -->|Yes| PHASE5
DEC5 -->|No| DEC5A
PHASE5["Phase 5: Mythril"] --> DEC5A
DEC5A{"History?"} -->|Yes| PHASE5B
DEC5A -->|No| DEC6
PHASE5B["Phase 5B: History Scan"] --> DEC6
DEC6{"Solana?"} -->|Yes| PHASE6
DEC6 -->|No| DEC6A
PHASE6["Phase 6: Solana"] --> DEC6A
DEC6A{"IDL?"} -->|Yes| PHASE6B
DEC6A -->|No| DEC7
PHASE6B["Phase 6B: IDL Validate"] --> DEC7
DEC7{"Upgrade?"} -->|Yes| PHASE7
DEC7 -->|No| DEC7A
PHASE7["Phase 7: Upgrade Diff"] --> DEC7A
DEC7A{"Attack Graph?"} -->|Yes| PHASE7B
DEC7A -->|No| PHASE8
PHASE7B["Phase 7B: Attack Graph"] --> PHASE8
PHASE8["Phase 8: Report Gen"] --> DEC9
DEC9{"Full Report?"} -->|Yes| PHASE9
DEC9 -->|No| END1
PHASE9["Phase 9: Full Reports"] --> END2
END1(["Action Plan"])
END2(["Full Reports"])
This diagram shows the import dependencies between modules. Core infrastructure modules are at the base, with analyzers and interfaces building on top.
flowchart LR
subgraph Core["Core Infrastructure"]
direction TB
EXC["Exceptions"]
LOG["Logger"]
CFG["Config"]
HTTP["HTTP"]
end
subgraph Analyzers["Analyzers"]
direction TB
RTS["Red Team"]
HS["Heuristic"]
FW["Fuzz"]
SW["Symbolic"]
AW["Aderyn"]
MW["Medusa"]
SA["Solana"]
UD["Upgrade"]
end
subgraph APIs["API Modules"]
direction TB
KF["Knowledge"]
SI["Solana Intel"]
SCC["Supply Chain"]
TI["Threat Intel"]
end
subgraph Innovative["Innovative"]
direction TB
RAG["RAG"]
EMB["Embeddings"]
AG["Attack Graph"]
VIS["Visualizer"]
HIST["History"]
IDL["IDL"]
PIPE["Pipeline"]
FP["Fingerprint"]
PDB["Protocol DB"]
end
subgraph Interfaces["Interfaces"]
direction TB
ORCH["Orchestrator"]
GUI["GUI"]
end
subgraph Reporting["Reporting"]
RG["Report Gen"]
end
%% Core dependencies
CFG -.-> LOG
CFG -.-> EXC
HTTP -.-> LOG
HTTP -.-> EXC
HTTP -.-> CFG
%% Analyzers depend on core
RTS -.-> LOG
RTS -.-> EXC
HS -.-> LOG
HS -.-> EXC
HS -.-> CFG
FW -.-> LOG
FW -.-> EXC
SW -.-> LOG
SW -.-> EXC
AW -.-> LOG
AW -.-> EXC
MW -.-> LOG
MW -.-> EXC
SA -.-> LOG
SA -.-> EXC
UD -.-> LOG
UD -.-> EXC
%% API modules depend on http
KF -.-> HTTP
SI -.-> HTTP
SCC -.-> HTTP
TI -.-> HTTP
%% Innovative features
RAG -.-> EMB
RAG -.-> HTTP
RAG -.-> LOG
AG -.-> VIS
AG -.-> LOG
HIST -.-> LOG
HIST -.-> CFG
IDL -.-> LOG
IDL -.-> SA
PIPE -.-> LOG
PIPE -.-> CFG
FP -.-> PDB
FP -.-> HTTP
FP -.-> LOG
PDB -.-> LOG
%% Reporting depends on core
RG -.-> LOG
RG -.-> EXC
%% Orchestrator imports
ORCH --> RTS
ORCH --> SCC
ORCH --> FW
ORCH --> HS
ORCH --> SW
ORCH --> AW
ORCH --> MW
ORCH --> SA
ORCH --> UD
ORCH --> CFG
ORCH --> RG
ORCH --> RAG
ORCH --> AG
ORCH --> HIST
ORCH --> IDL
ORCH --> PIPE
ORCH --> FP
%% GUI imports
GUI -.-> ORCH
GUI -.-> HS
GUI -.-> RTS
GUI -.-> SCC
Counterscarp Engine uses a custom exception hierarchy for structured error handling. All exceptions inherit from CounterscarperError and support optional details dictionaries for structured context.
classDiagram
class CounterscarperError {
+str message
+dict details
+__init__(message, details)
+__str__() str
+to_dict() dict
}
class CounterscarperConfigError {
+Configuration loading/validation errors
}
class CounterscarperAnalysisError {
+Security analyzer failures
}
class CounterscarperAPIError {
+External API call failures
}
class CounterscarperReportError {
+Report generation failures
}
class CounterscarperToolNotFoundError {
+Required external tool not found
}
class CounterscarperValidationError {
+Input validation failures
}
class CounterscarperTimeoutError {
+Operation timeout errors
}
CounterscarperError <|-- CounterscarperConfigError
CounterscarperError <|-- CounterscarperAnalysisError
CounterscarperError <|-- CounterscarperAPIError
CounterscarperError <|-- CounterscarperReportError
CounterscarperError <|-- CounterscarperToolNotFoundError
CounterscarperError <|-- CounterscarperValidationError
CounterscarperError <|-- CounterscarperTimeoutError
| Exception | Usage Context | Example Details |
|---|---|---|
CounterscarperConfigError |
Invalid TOML syntax, missing required keys | {"path": "config.toml", "line": 42} |
CounterscarperAnalysisError |
Slither/Aderyn/Mythril execution failure | {"tool": "slither", "contract": "Token.sol"} |
CounterscarperAPIError |
OSV.dev, threat intel API failures | {"api": "osv", "status_code": 503} |
CounterscarperReportError |
HTML/MD/SARIF generation failure | {"format": "html", "output_path": "/reports"} |
CounterscarperToolNotFoundError |
Missing external tool in PATH | {"tool": "mythril", "install_cmd": "pip install mythril"} |
CounterscarperValidationError |
Invalid input parameters | {"field": "address", "value": "0x123"} |
CounterscarperTimeoutError |
Analysis exceeding time limits | {"operation": "symbolic_analysis", "timeout_seconds": 300} |
The configuration system uses a layered approach with base configuration and profile-specific overrides. All configuration is validated and loaded into typed dataclasses.
flowchart LR
subgraph ConfigFiles["Config Files"]
BASE["counterscarp.toml"]
PR["counterscarp-pr.toml"]
AUDIT["counterscarp-audit.toml"]
BOUNTY["counterscarp-bounty.toml"]
end
subgraph Loader["Config Loader"]
LOADER["Loader"]
VALIDATE["Validation"]
end
subgraph DataClasses["Dataclasses"]
ROOT["CounterscarperConfig"]
subgraph Sections["Config Sections"]
ENGINE["Engine"]
HEUR["Heuristic"]
STATIC["Static"]
FUZZ["Fuzzing"]
SC["Supply Chain"]
TI["Threat Intel"]
REP["Reporting"]
AI["AI"]
end
end
subgraph Consumers["Consumers"]
MODULES["Modules"]
end
BASE --> LOADER
PR --> LOADER
AUDIT --> LOADER
BOUNTY --> LOADER
LOADER --> VALIDATE
VALIDATE --> ROOT
ROOT --> ENGINE
ROOT --> HEUR
ROOT --> STATIC
ROOT --> FUZZ
ROOT --> SC
ROOT --> TI
ROOT --> REP
ROOT --> AI
ROOT --> MODULES
| Section | Dataclass | Purpose |
|---|---|---|
engine |
EngineConfig |
Engine name, version, fail severity, max findings |
heuristics |
HeuristicConfig |
Heuristic scanner enable/disable, rule overrides |
suppressions |
List[Suppression] |
Finding suppression rules with file/line/expiration |
static_analysis |
StaticAnalysisConfig |
Slither/Aderyn settings, detector filters |
fuzzing |
FuzzingConfig |
Foundry/Medusa settings, runs, timeouts |
red_team |
RedTeamConfig |
Severity allowlist, ignored checks |
external_tools |
ExternalToolsConfig |
Tool-specific timeouts |
supply_chain |
SupplyChainConfig |
OSV.dev settings, ecosystem, rate limits |
threat_intel |
ThreatIntelConfig |
API timeouts for C4, Immunefi, Solana sources |
http |
HttpConfig |
HTTP client retry, backoff, timeout settings |
chains |
ChainConfig |
Solana/EVM chain-specific settings |
upgrade_diff |
UpgradeDiffConfig |
Upgrade comparison settings |
reporting |
ReportingConfig |
Output format, sections, verbosity |
ci |
CIConfig |
CI/CD integration settings |
ai |
AIConfig |
RAG, LLM provider, embedding settings |
visualization |
VisualizationConfig |
Attack graph, output format settings |
history |
HistoryConfig |
Git history scan, blame attribution |
chains.solana.idl |
IDLConfig |
Anchor IDL validation settings |
ci.generator |
CIGeneratorConfig |
Pipeline generation settings |
exploit_generation |
ExploitGenerationConfig |
Exploit template, LLM settings |
fingerprint |
FingerprintConfig |
Protocol similarity, database settings |
Counterscarp Engine provides three pre-configured execution profiles optimized for different use cases.
| Feature | PR Mode | Audit Mode | Bounty Mode |
|---|---|---|---|
| Config file | counterscarp-pr.toml |
counterscarp-audit.toml |
counterscarp-bounty.toml |
| Target time | < 2 min | 10-30 min | 1-2 hours |
| Slither | Yes | Yes | Yes |
| Aderyn | No | Yes | Yes |
| Foundry fuzz | No | Yes (250K runs) | Yes (500K runs) |
| Medusa | No | No | Yes |
| Mythril | No | No | Optional |
| Heuristics | 31 rules | 31 rules | 31 rules |
| Threat Intel | Yes | Yes | Yes |
| AI PoC Gen | No | No | Yes |
| Fail threshold | HIGH+ | MEDIUM+ | None (report all) |
| Report formats | Markdown | HTML + MD | HTML + MD + SARIF |
- PR Mode: Fast feedback for continuous integration. Focuses on critical issues only.
- Audit Mode: Balanced depth for standard security audits. Includes all major analyzers.
- Bounty Mode: Maximum coverage for bug bounty preparation. Enables all optional tools.
This sequence diagram shows how a security finding flows through the system from detection to final report output.
sequenceDiagram
participant Analyzer as Analyzer
participant Orchestrator as Orchestrator
participant Config as Config
participant ReportGen as ReportGen
participant Output as Output
Analyzer->>Analyzer: Detect vulnerability
Analyzer->>Analyzer: Classify severity
Analyzer->>Orchestrator: Return finding
Orchestrator->>Config: Check suppression
alt Suppressed
Config-->>Orchestrator: Suppressed
Orchestrator->>Orchestrator: Skip
else Not suppressed
Config-->>Orchestrator: Active
Orchestrator->>Orchestrator: Add to findings
end
Orchestrator->>Orchestrator: Aggregate findings
Orchestrator->>ReportGen: Pass findings
ReportGen->>ReportGen: Format by type
alt Markdown
ReportGen->>ReportGen: Generate MD
ReportGen->>Output: Write MD
end
alt HTML
ReportGen->>ReportGen: Generate HTML
ReportGen->>Output: Write HTML
end
alt SARIF
ReportGen->>ReportGen: Generate SARIF
ReportGen->>Output: Write SARIF
end
Output-->>Orchestrator: Confirm paths
Orchestrator->>Orchestrator: Display summary
@dataclass
class Finding:
rule_id: str # Unique identifier (e.g., "reentrancy-eth")
severity: str # CRITICAL, HIGH, MEDIUM, LOW, INFO
category: str # Heuristic, Slither, Aderyn, etc.
title: str # Human-readable title
description: str # Detailed description
file: str # Source file path
line_no: int # Line number
code_snippet: str # Affected code
remediation: str # Fix suggestion (optional)- Rule ID Match: Finding's rule_id must match suppression rule_id
- File Match (optional): If suppression specifies file, exact or path match required
- Line Match (optional): If suppression specifies line, exact line number required
- Expiration Check: If suppression has expires date, must not be past due
This section details how the 7 innovative features integrate with the core Counterscarp Engine architecture.
The RAG-based knowledge system enriches findings with contextual explanations from historical audit data.
flowchart LR
subgraph Input["Input"]
FINDING["Finding"]
end
subgraph RAGPipeline["RAG Pipeline"]
EMB["Embedding"]
VDB["Vector DB"]
RETRIEVE["Retrieve"]
PROMPT["Prompt"]
end
subgraph LLM["LLM"]
OPENAI["OpenAI"]
ANTHROPIC["Anthropic"]
end
subgraph Output["Output"]
EXPLANATION["Explanation"]
FIX["Fix"]
REFS["Refs"]
end
FINDING --> EMB
EMB --> VDB
VDB --> RETRIEVE
RETRIEVE --> PROMPT
PROMPT --> OPENAI
PROMPT --> ANTHROPIC
OPENAI --> EXPLANATION
ANTHROPIC --> EXPLANATION
EXPLANATION --> FIX
EXPLANATION --> REFS
Key Components:
-
rag_engine.py- Main RAG orchestrator -
embeddings.py- Text embedding generation (local + API) - Vector store for historical audit embeddings
- Prompt templates for vulnerability explanation
Generates interactive force-directed graphs showing cross-contract vulnerability chains.
flowchart TD
subgraph Data["Data"]
FINDINGS["Findings"]
CALLGRAPH["Call Graph"]
STATE["State"]
end
subgraph Builder["Graph Builder"]
NODES["Nodes"]
EDGES["Edges"]
RISK["Risk"]
end
subgraph Viz["Visualization"]
D3["D3.js"]
INTERACTIVE["Controls"]
EXPORT["Export"]
end
FINDINGS --> NODES
CALLGRAPH --> EDGES
STATE --> EDGES
NODES --> RISK
EDGES --> RISK
RISK --> D3
D3 --> INTERACTIVE
INTERACTIVE --> EXPORT
Git-based historical analysis for tracking when vulnerabilities were introduced.
flowchart LR
subgraph Git["Git"]
LOG["Log"]
DIFF["Diff"]
BLAME["Blame"]
end
subgraph Scanner["Scanner"]
COMMITS["Commits"]
CHECKOUT["Checkout"]
TRACK["Tracker"]
end
subgraph Output["Output"]
TIMELINE["Timeline"]
DEBT["Debt"]
ATTRIB["Attribution"]
end
LOG --> COMMITS
DIFF --> CHECKOUT
BLAME --> TRACK
COMMITS --> CHECKOUT
CHECKOUT --> TRACK
TRACK --> TIMELINE
TRACK --> DEBT
TRACK --> ATTRIB
Solana-specific IDL validation for Anchor programs.
flowchart TD
subgraph Input["Input"]
IDL["IDL"]
RS["Rust"]
end
subgraph Validation["Validation"]
PARSE["Parser"]
CONSTRAINT["Constraints"]
CPI["CPI"]
MATRIX["Matrix"]
end
subgraph Output["Output"]
ERRORS["Errors"]
FLOWS["Flows"]
PERMS["Perms"]
end
IDL --> PARSE
RS --> CONSTRAINT
PARSE --> CONSTRAINT
CONSTRAINT --> CPI
CPI --> MATRIX
CONSTRAINT --> ERRORS
CPI --> FLOWS
MATRIX --> PERMS
Multi-platform pipeline generation for security automation.
flowchart LR
subgraph Config["Config"]
TOML["counterscarp.toml"]
PROFILES["Profiles"]
end
subgraph Generator["Generator"]
TEMPLATES["Templates"]
GITHUB["GitHub"]
GITLAB["GitLab"]
AZURE["Azure"]
JENKINS["Jenkins"]
end
subgraph Features["Features"]
PR["PR"]
SARIF["SARIF"]
NOTIFY["Notify"]
end
TOML --> TEMPLATES
PROFILES --> TEMPLATES
TEMPLATES --> GITHUB
TEMPLATES --> GITLAB
TEMPLATES --> AZURE
TEMPLATES --> JENKINS
GITHUB --> PR
GITHUB --> SARIF
GITLAB --> NOTIFY
Pattern-to-template exploit generation with multi-LLM support.
flowchart TD
subgraph Input["Input"]
RULE["Rule"]
CODE["Code"]
CONTEXT["Context"]
end
subgraph Generator["Generator"]
MAPPER["Mapper"]
TEMPLATES["Templates"]
INFERENCE["Inference"]
ORACLE["Oracle"]
end
subgraph LLM["LLM"]
OPENAI["OpenAI"]
ANTHROPIC["Anthropic"]
end
subgraph Output["Output"]
TEST["Test"]
SETUP["Setup"]
PROOF["PoC"]
end
RULE --> MAPPER
CODE --> INFERENCE
CONTEXT --> INFERENCE
MAPPER --> TEMPLATES
TEMPLATES --> OPENAI
TEMPLATES --> ANTHROPIC
INFERENCE --> OPENAI
INFERENCE --> ANTHROPIC
ORACLE --> OPENAI
OPENAI --> TEST
ANTHROPIC --> TEST
TEST --> SETUP
TEST --> PROOF
Protocol similarity detection and inherited vulnerability analysis.
flowchart LR
subgraph Database["Database"]
UNI["Uniswap"]
COMP["Compound"]
AAVE["Aave"]
OZ["OpenZeppelin"]
CUSTOM["Custom"]
end
subgraph Scanner["Scanner"]
AST["AST"]
SIMILARITY["Similarity"]
MATCHING["Matching"]
end
subgraph Analysis["Analysis"]
INHERIT["Inherited"]
HISTORY["History"]
RISK["Risk"]
end
subgraph Output["Report"]
MATCH["Match"]
WARNINGS["Warnings"]
RECS["Recs"]
end
UNI --> AST
COMP --> AST
AAVE --> AST
OZ --> AST
CUSTOM --> AST
AST --> SIMILARITY
SIMILARITY --> MATCHING
MATCHING --> INHERIT
MATCHING --> HISTORY
INHERIT --> RISK
HISTORY --> RISK
MATCHING --> MATCH
RISK --> WARNINGS
RISK --> RECS
| Module | Purpose | Key Classes/Functions |
|---|---|---|
orchestrator.py |
CLI entry point, pipeline controller |
main(), generate_markdown_report()
|
red_team_scan.py |
Slither integration |
run_slither(), filter_vulnerabilities()
|
heuristic_scanner.py |
Pattern-based analysis |
scan_target(), HeuristicFinding
|
fuzz_wrapper.py |
Foundry fuzzing |
run_foundry_fuzz(), parse_counterexamples()
|
symbolic_wrapper.py |
Mythril integration |
run_mythril(), parse_issues()
|
aderyn_wrapper.py |
Aderyn integration | run_aderyn() |
medusa_wrapper.py |
Medusa fuzzing | run_medusa_fuzz() |
solana_analyzer.py |
Solana/Anchor analysis | analyze_solana_program() |
upgrade_diff.py |
Upgrade safety | analyze_upgrade() |
supply_chain_check.py |
Dependency scanning | scan_package_json() |
knowledge_fetcher.py |
Threat intelligence | Fetch from C4, Immunefi, Solodit |
solana_intel.py |
Solana-specific intel | Fetch from Neodyme, OtterSec, Sec3 |
report_generator.py |
Professional reports |
create_audit_report(), Finding
|
config_loader.py |
Configuration management |
load_config(), CounterscarperConfig
|
logger.py |
Structured logging | get_logger() |
exceptions.py |
Custom exceptions |
CounterscarperError hierarchy |
http_utils.py |
Resilient HTTP client | Retry, backoff, rate limiting |
gui.py |
Tkinter GUI interface | GUI application |
intent_check.py |
Liar Detector | NatSpec validation |
access_matrix.py |
Access control analysis | Permission mapping |
exploit_generator.py |
AI PoC generation | Exploit templates |
inflation_scaffold.py |
Tokenomics analysis | Inflation detection |
threat_intel.py |
Core threat intel | Intelligence aggregation |
rag_engine.py |
RAG knowledge retrieval |
query_knowledge_base(), enrich_finding()
|
embeddings.py |
Text embeddings |
generate_embedding(), EmbeddingCache
|
attack_graph.py |
Attack path construction |
build_attack_graph(), find_attack_paths()
|
visualizer.py |
Interactive visualization |
generate_d3_graph(), export_mermaid()
|
history_scanner.py |
Git history analysis |
scan_history(), blame_vulnerability()
|
idl_validator.py |
Anchor IDL validation |
validate_idl(), trace_cpi_flows()
|
pipeline_generator.py |
CI/CD pipeline gen |
generate_github_actions(), generate_gitlab_ci()
|
fingerprint_scanner.py |
Protocol similarity |
fingerprint_contract(), find_inherited_vulns()
|
protocol_db.py |
Protocol fingerprint DB |
ProtocolFingerprint, SimilarityEngine
|
- Rules-Catalog — Security detection rules reference
- Plugin-Development — Extending the architecture with plugins
- Contributing — Development guidelines
Scarpshield Wiki (Counterscarp Engine)
- Home
- Current Status
- Getting Started
- CLI Reference
- Configuration
- Web App Guide
- Deployment
- Report Formats
- Rules Catalog
- Architecture
- Plugin Development
- Contributing
- Security & Licensing
- Pricing & Pro Features
- FAQ & Troubleshooting
GitHub Repo | Web App | PyPI