Status: 🚧 IN DEVELOPMENT
Sera is an automated vulnerability scanning tool for web applications and APIs. It performs comprehensive security testing to identify common vulnerabilities including HTTP/HTTPS misconfigurations, SQL injection, XSS (Cross-Site Scripting), and integrates with OWASP ZAP for active and passive scanning.
- HTTP/HTTPS Security Testing - Validates SSL/TLS configurations and security headers
- SQL Injection Detection - Scans for SQL injection vulnerabilities
- XSS Vulnerability Scanning - Identifies potential Cross-Site Scripting issues
- OWASP ZAP Integration - Active and passive scanning capabilities
- Automated Reporting - Generates comprehensive vulnerability reports in JSON format
‘‘‘bash git clone ‘‘‘
‘‘‘bash pip install -r requirements.txt ‘‘‘
‘‘‘bash python main.py ‘‘‘
Sera will generate a vulnerability_report.json file containing the scan results.
- Integration into CI/CD Pipelines
- Enhanced test coverage with more complex vulnerability detection patterns
- Support for additional vulnerability types
- Interactive CLI with customizable scan profiles
- Integration with SAST (Static Application Security Testing) tools
- Python 3.12+
- virtualenv
- See
requirements.txtfor package dependencies