Open Source Application Security arsenal

Application Security

While building Security Phoenix, we thought about sharing some of the (open source) components, so that you can build a custom arsenal of open source vulnerability tools.

Various Phases

It all starts with pen and paper

I always like to start with a mindmap of the various components. It might be old school, but hey, it works and helps to focus.

What are the components of the framework:

*) Enumeration/Reconnaissance - in this phase you list the various components of an application: web sources, APIs, etc.

Then you start the merry go round

  1. Static code analyser - you look at the code and use regular expressions to identify what's good and bad

  2. Dependency-Check - this enables you to create a software composition

  3. Code relationships - again, this is related to how the code and libraries depend on each other

  4. Cloud Assessment - this is an extra component if you have a cloud deployment

  5. Network assessment - there are multiple options (from Nmap to Nettacker); it really depends on how deep you want to go

  6. Web/API assessment - in this case, you want to test, with scripts or interjection, the quality of the code that you send to a web frontend (Burp and ZAP are the names in this case)

  7. Vulnerability Managers - there are not many aggregators, which is why we've created Security Phoenix

  8. Intelligence framework - this is an extra step if you want to integrate a threat feed/scanner in the project

The core arsenal

*) Enumeration/Reconnaissance




1) Static code analyser -

2) Dependency-Check -

3) Code relationships -

4) Cloud Assessment - Prowler -

5) Network assessment - Nettacker -

> Tsunami -

*) Vulnerability Scanner/Management - Security Phoenix -

8) Intelligence framework -

Some of the tools available


Network Vuln assessment

Website Crawlers

> DNS Scan:

Vulns -

h4cker -



Network Vuln Build:

This could be a set of tools you could launch from a central location with VM/Docker images

Idea of the build: