app-audit runs candidate applications in an instrumented sandbox, watches everything they do, and produces a defensible report that supports your approve / reject decision. Zero unknowns. All evidence.
A vendor's marketing page is not evidence. A privacy policy is not evidence. Behavior under instrumentation is evidence.
Looks at the binary on disk. Doesn't see what it does at runtime.
Insufficient
Catches known-CVE deps in the supply chain. Doesn't see what the binary actually transmits.
Insufficient
Runs the candidate. Observes every syscall, every TLS payload (decrypted), every network destination. Produces a signed report with evidence.
Defensible
Upload a binary, container image, or package through the web UI. Or paste a URL — the system fetches it for you. 18 formats auto-detected: Linux ELF, Windows .exe, Docker / OCI container images, npm .tgz, PyPI sdist + wheel, NuGet .nupkg, Cargo .crate, RubyGems .gem, Composer, Maven JAR, Go modules, Helm charts, Conda packages, Hex packages, VS Code / Chrome / Firefox extensions. Detection is structural — we peek inside archives for ecosystem-specific manifest files rather than trusting filename extensions. Each format routes through the appropriate audit path: install commands run under instrumentation for npm / PyPI / Maven JAR, with broader runtime support landing per release.
Run the binary in a privileged Linux container with eBPF tracepoints on every syscall, uprobes on libssl + Go's crypto/tls (capturing plaintext before encryption), and a TLS-terminating proxy at the container egress (catches TLS libraries we don't have hooks for). 18 unique-per-run honeytokens are planted in ~/.aws/credentials, ~/.ssh/id_rsa, browser cookie stores, env vars.
Every event flows through 13 streaming detectors + 3 post-enrichment detectors: HoneytokenHit (smoking gun — a planted token observed in outbound traffic), VendorDiff (unauthorized destination), SandboxDetection (probing for VM markers), HostFingerprint, TimeManipulation, Persistence (write-shape opens of cron / systemd / shell rc files), PII (Luhn-validated CC numbers, JWT, email), Beaconing (regular-interval phone-home), CryptoMining (Stratum-port connects), KnownBadASN, KnownBadDomain, GeoPolicy.
Markdown + HTML report with a recommended decision: REJECT / REVIEW / APPROVE. Severity-grouped findings with evidence references back to the JSONL event log. Network-destinations table enriched with PTR / ASN / country. SHA-256 sidecar for tamper-evident sign-off. Auditor signs off through the web UI; baseline saved for re-audit on the next vendor release.
Synthetic clones modeled after public disclosures. The audit pipeline positively identifies each one (43-assertion test suite passing). Click any tile to read the actual REJECT report.
2017 · Avast supply-chain trojan
HostFingerprint + VendorDiff
2020 · ~18,000 customer orgs
SandboxDetection + TimeManipulation + Beaconing
2023 · Mac + Windows info-stealer
HoneytokenHit (Chrome cookie marker)
2015 · ~4,000 iOS App Store apps
VendorDiff (typosquat) + HostFingerprint
2018 · BTC-wallet stealer
HoneytokenHit (BTC wallet marker)
2021 · CVE-2021-44228
HoneytokenHit + VendorDiff
various · DPRK actor
HoneytokenHit (SSH key marker)
2017 · pre-destructive fingerprint
HostFingerprint + SandboxDetection + TimeManipulation
2021 · RMM-agent ransomware
SensitivePath + Persistence + VendorDiff
2023 · mass-exfil exploit
HoneytokenHit (sensitive-doc marker)
2021 · env-scrape + stage-2
HoneytokenHit + VendorDiff
2021 · CI env wholesale dump
HoneytokenHit + VendorDiff
2022 · post-takeover exfil
HoneytokenHit + VendorDiff
2022 · multi-marker harvester
HoneytokenHit (multiple markers)
2014+ · travel-targeting
HostFingerprint + TimeManipulation + SandboxDetection
2018 · MSP cloud-cred pivot
HoneytokenHit (AWS) + SensitivePath
Highlighted tiles are HoneytokenHit findings — the strongest possible signal. The candidate read our planted credential and transmitted it. There's no benign interpretation.
Pick a candidate and watch the audit pipeline identify it. Each scenario reproduces a real-world attack pattern; the verdicts and findings shown are exactly what the production tool produces against the synthetic clone.
Choose a candidate to audit:
Pick a candidate above to begin.
Most security tools are platform- or ecosystem-specific — a binary scanner here, an npm scanner there, a container scanner over there. app-audit is one pipeline: upload anything, get the same defensible REJECT/REVIEW/APPROVE report. Detection is structural (we peek inside archives for ecosystem manifests), not extension-based, so a mislabelled file gets routed correctly anyway.
Direct exec under eBPF
Full dynamic audit
Wrapped in Wine
Full dynamic audit
Sibling container, shared net ns
Full dynamic audit
npm install under instrumentation
Postinstall hooks audited
pip install under instrumentation
setup.py audited
pip install + force-import
__init__ audited
java -jar under instrumentation
Full dynamic audit
helm template render
Static + render audit
Extract + scan
Static — dotnet runtime in v1.13
Extract + scan
Static — rustc in v1.14
Extract + scan
Static — gem runtime in v1.13
Extract + scan
Static — PHP in v1.13
Extract + scan
Static — Go runtime in v1.13
Extract + scan (gzip / bzip2)
Static
Extract + scan
Static
Extract + manifest analysis
Static — headless harness in v1.13
Cr24 strip → ZIP scan
Static — headless Chromium in v1.13
Extract + manifest analysis
Static — headless Firefox in v1.13
All formats produce the same Markdown + HTML report shape — Recommended decision, Summary, severity-grouped findings, evidence, coverage caveats. The web UI's renderer doesn't need a special case per ecosystem.
Most security tools call themselves "enterprise" and mean we plan to support SSO eventually. app-audit ships the full enterprise-deployment plumbing today, in the open, tested in CI — SSO behind any OAuth2/OIDC proxy you already run, three-role RBAC enforced per handler, hashed API tokens, append-only meta-audit log, Slack + Jira + generic webhook fanout. Zero new third-party dependencies in the entire enterprise layer — your security team can audit it in an afternoon.
Sits behind any OAuth2 / OIDC reverse proxy (oauth2-proxy, Pomerium, Authentik, Keycloak). Identity is forwarded via standard X-Forwarded-Email / X-Forwarded-Groups headers. Three roles map to handler privileges: submitter, auditor, approver. Group membership at the IdP drives role assignment.
Production-ready
Issue revocable API tokens for CI/CD pipelines and dashboards. Tokens are stored hashed (SHA-256); the plaintext is shown once. Manage with audit-token create / list / revoke. Use as Authorization: Bearer aat_… against the JSON API.
Production-ready
Every request through the server — submission, view, sign-off, policy view — lands in an append-only JSONL log with actor, source, roles, action, target, status, IP. Maps directly to NIST 800-53 AU-2/AU-3 audit-event controls.
Production-ready
On every REJECT verdict, post a coloured attachment to your security channel: target, decision, finding counts, link to the full report. Configurable per event type — fire on all runs, only rejected runs, or only on sign-off.
Production-ready
Auto-create a Jira issue for each REJECT verdict with the finding evidence in the description. Configurable project key, issue type, and assignee. Uses Atlassian REST API v3 — no plugin install on the Jira side.
Production-ready
Multiple destinations, per-event filters, custom headers (HMAC signing keys, auth tokens). Subscribe ServiceNow, PagerDuty, custom workflow engines, or your own SIEM intake. JSON payload includes the canonical Event shape — same data Slack and Jira receive.
Production-ready
Subscribe and log in
Best for teams that want fast answers without standing up sandboxing infra.
Subscribe →Run on your own infrastructure
Best for HIPAA, PCI, FedRAMP, or other settings where binaries can't leave your network.
Get deployment instructions →Submit a binary. Get evidence. Sign off with confidence.
Thanks — we'll be in touch.