UI/UX Overhaul & Native Apps Support

What's New

Native Mobile Apps Support

• Android: Manifest analysis and permission scanning
• iOS: Plist security configuration analysis
• Auto-detection: Automatic detection of mobile app projects

UI/UX Improvements

• Collapsible Tool Categories: Auto-collapse clean categories, expand only those with issues
• Categorized Grid Layout: Tools grouped by functionality (Static Analysis, Dependencies, Secrets, etc.)
• Color-Coded Status: Visual indicators
• Compact Tool Cards: More efficient space usage with modern card-based layout
• Tool Status Badges: Clear indication of findings count per tool
• Category Statistics: Shows count of tools with issues per category

Fixed

• Snyk Scanner: No longer fails when SNYK_TOKEN is not provided
  • Gracefully skips with clear message
  • Prevents authentication errors (401)
  • Shows skipped status in report

Removed

• LLM Chat Integration: Removed for single-shot scan compatibility
• WebUI Interactive Buttons: Removed scan/refresh controls for standalone reports
• Backend Dependencies: No server-side requirements anymore

Highlights

• Standalone HTML Reports - Fully self-contained with no external dependencies
• Collapsible Categories - Reduce visual noise, focus on what matters
• Simplified Architecture - Removed all interactive web features
• Native Mobile Support - Android & iOS manifest analysis
• Improved Report Readability - Better organization and visual hierarchy

v1.1.0 - Major Scanner Expansion: 25+ New Security Tools

Release Notes for v1.1.0

26 new scanners across 5 categories.

What's New?

Code Analysis (9 tools):

• CodeQL
• OWASP Dependency Check
• Safety
• Snyk
• SonarQube
• Checkov
• ESLint
• Bandit
• Brakeman

Secrets Detection (3 tools):

• TruffleHog
• GitLeaks
• Detect-secrets

Container Security (2 tools):

• Clair
• Anchore

Web Application (4 tools):

• Nuclei
• Wapiti
• Nikto
• Burp Suite

Infrastructure & Network (5 tools):

• Terraform Security
• Kube-hunter
• Kube-bench
• Docker Bench
• npm audit

The Numbers:

• v1.0.0: 3 scanners
• v1.1.0: 28+ integrated security tools

Highlights:

• Plugin-based architecture for per-tool configuration
• Cached OWASP Dependency Check data for faster scans
• Coverage for code, containers, web apps, and infrastructure
• Expanded cloud and infrastructure security capabilities

SingleShot SimpleSecCheck

SimpleSecCheck v1.0.0

Professional Single-Shot Security Scanner

What's New

• Initial release with comprehensive security scanning
• Support for both codebases and websites
• Dark Mode default with detailed HTML reports
• Docker-based execution (no local tool installation)

Usage

# Scan local code
./run-docker.sh /path/to/project

# Scan website  
./run-docker.sh https://example.com

Tools

• ZAP - Web vulnerability scanning
• Semgrep - Static code analysis
• Trivy - Dependency & container scanning

Features

• Single-shot deep analysis (no monitoring risks)
• Project-specific result directories
• Risk-based categorization
• Interactive HTML reports

Full documentation: See README.md

v0.0.1

Summary-Dashboard via docker compose --build web