DeepAudit - Your AI Security Audit Team, Making Vulnerability Discovery Accessible
March 25, 2026
Screenshots
- Audit Flow Logs: real-time visibility into agent reasoning and execution
- Smart Dashboard: understand the overall security posture of a project at a glance
- Instant Analysis: paste code or upload files and get results in seconds
- Project Management: import from GitHub/GitLab/Gitea and manage multiple projects together
Professional Reports
One-click export to PDF / Markdown / JSON (the screenshot shows quick mode, not an Agent-mode report)
CVE Vulnerability Discoveries
DeepAudit has successfully discovered and obtained 49 CVE IDs and 6 GHSA security advisories across 17 well-known open-source projects.
OpenClaw vulnerability research results
The internal preview version of DeepAudit performed a deep security audit on the OpenClaw project and has so far discovered 6 security vulnerabilities, all of which were officially confirmed and published as security advisories (GHSA). The issues cover command injection, signature verification bypass, remote code execution, credential exposure, resource exhaustion, and information disclosure, including multiple high-severity findings. More vulnerabilities are still being researched.
| GHSA ID | Project | Vulnerability Type | Severity |
|---|---|---|---|
| GHSA-g353-mgv3-8pcj | OpenClaw | Signature Verification Bypass | 8.6 |
| GHSA-99qw-6mr3-36qr | OpenClaw | Code Execution | 8.5 |
| GHSA-7h7g-x2px-94hj | OpenClaw | Credential Exposure | 6.9 |
| GHSA-g2f6-pwvx-r275 | OpenClaw | Command Injection | Medium |
| GHSA-jq3f-vjww-8rq7 | OpenClaw | Resource Exhaustion | High |
| GHSA-xwcj-hwhf-h378 | OpenClaw | Information Disclosure | Medium |

| CVE ID | Project | Vulnerability Type | CVSS |
|---|---|---|---|
| CVE-2026-1884 | Zentao PMS | SSRF | 5.1 |
| CVE-2025-13789 | Zentao PMS | SSRF | 5.3 |
| CVE-2025-13787 | Zentao PMS | Privilege Escalation | 9.1 |
| CVE-2025-64428 | Dataease | JNDI Injection | 9.8 |
| CVE-2025-13246 | Modulithshop | SQL Injection | 6.3 |
| CVE-2025-64163 | Dataease | SSRF | 9.8 |
| CVE-2025-64164 | Dataease | JNDI Injection | 9.8 |
| CVE-2025-11581 | PowerJob | Privilege Escalation | 7.5 |
| CVE-2025-11580 | PowerJob | Privilege Escalation | 5.3 |
| CVE-2025-10771 | Jimureport | Deserialization | 9.8 |
| CVE-2025-10770 | Jimureport | Deserialization | 6.5 |
| CVE-2025-10769 | H2o-3 | Deserialization | 9.8 |
| CVE-2025-10768 | H2o-3 | Deserialization | 9.8 |
| CVE-2025-58045 | Dataease | JNDI Injection | 9.8 |
| CVE-2025-10423 | Newbee-mall | Guessable Captcha | 3.7 |
| CVE-2025-10422 | Newbee-mall | Privilege Escalation | 4.3 |
| CVE-2025-9835 | Mall | Privilege Escalation | 4.3 |
| CVE-2025-9737 | O2oa | XSS | 5.4 |
| CVE-2025-9736 | O2oa | XSS | 5.4 |
| CVE-2025-9735 | O2oa | XSS | 5.4 |
| CVE-2025-9734 | O2oa | XSS | 5.4 |
| CVE-2025-9719 | O2oa | XSS | 5.4 |
| CVE-2025-9718 | O2oa | XSS | 5.4 |
| CVE-2025-9717 | O2oa | XSS | 5.4 |
| CVE-2025-9716 | O2oa | XSS | 5.4 |
| CVE-2025-9715 | O2oa | XSS | 5.4 |
| CVE-2025-9683 | O2oa | XSS | 5.4 |
| CVE-2025-9682 | O2oa | XSS | 5.4 |
| CVE-2025-9681 | O2oa | XSS | 5.4 |
| CVE-2025-9680 | O2oa | XSS | 5.4 |
| CVE-2025-9659 | O2oa | XSS | 5.4 |
| CVE-2025-9658 | O2oa | XSS | 5.4 |
| CVE-2025-9657 | O2oa | XSS | 5.4 |
| CVE-2025-9655 | O2oa | XSS | 5.4 |
| CVE-2025-9646 | O2oa | XSS | 5.4 |
| CVE-2025-9602 | RockOA | Database Backdoor | 6.5 |
| CVE-2025-9514 | Mall | Privilege Escalation | 3.7 |
| CVE-2025-9264 | Xxl-job | Privilege Escalation | 5.4 |
| CVE-2025-9263 | Xxl-job | Privilege Escalation | 4.3 |
| CVE-2025-9241 | Eladmin | CSV/XLSX Injection | 7.5 |
| CVE-2025-9240 | Eladmin | Sensitive Information Disclosure | 4.3 |
| CVE-2025-9239 | Eladmin | Hardcoded Credentials | 3.7 |
| CVE-2025-8974 | Litemall | Hardcoded Credentials | 9.8 |
| CVE-2025-8852 | Wukong CRM | Sensitive Information Disclosure | 4.3 |
| CVE-2025-8840 | JshERP | Privilege Escalation | 5.4 |
| CVE-2025-8839 | JshERP | Privilege Escalation | 8.8 |
| CVE-2025-8764 | Litemall | XSS | 5.4 |
| CVE-2025-8753 | Litemall | Arbitrary File Deletion | 5.4 |
| CVE-2025-8708 | White-Jotter | Deserialization | 7.5 |
The vulnerabilities above were discovered with DeepAudit by DeepAudit team members @lintsinghua and @ez-lbz.
If you discover vulnerabilities using DeepAudit, you are welcome to leave feedback in Issues. Your contributions will greatly enrich this vulnerability list.
Overview
DeepAudit is a next-generation code security auditing platform built on a Multi-Agent collaborative architecture. It is not just a static scanner. Instead, it simulates the reasoning model of security experts through autonomous collaboration among multiple intelligent agents (Orchestrator, Recon, Analysis, Verification) to achieve deep code understanding, vulnerability discovery, and automated sandboxed PoC verification.
We are committed to solving three major pain points of traditional SAST tools:
- High false-positive rates: lack of semantic understanding leads to large amounts of noisy findings and wasted review effort
- Business-logic blind spots: inability to understand cross-file calls and complex logic flows
- Lack of verification: no way to determine whether a vulnerability is actually exploitable
Users only need to import a project, and DeepAudit automatically starts the workflow: identify the technology stack, analyze potential risks, generate exploit scripts, verify them in a sandbox, and then produce a professional audit report.
Core philosophy: Let AI attack like a hacker and defend like an expert.
Why Choose DeepAudit?
| Traditional Audit Pain Points | DeepAudit Solutions |
|---|---|
| Low manual audit efficiency: cannot keep up with CI/CD iteration speed and slows down releases | Multi-Agent autonomous auditing: AI automatically orchestrates auditing strategies and runs them around the clock |
| Too many false positives: lack of semantic understanding means a lot of time is wasted cleaning noisy findings | RAG knowledge enhancement: combines code semantics with project context to significantly reduce false positives |
| Data privacy concerns: worried about core source code leaking to cloud AI services and failing compliance requirements | Ollama local deployment support: data stays inside your environment, with support for local models such as Llama3 and DeepSeek |
| Cannot confirm real exploitability: too many findings in outsourced projects and no clear way to know which are real | Sandboxed PoC verification: automatically generates and runs attack scripts to confirm real impact |
System Architecture
Architecture Diagram
DeepAudit uses a microservice architecture driven by a Multi-Agent engine at its core.
Audit Workflow
| Step | Phase | Responsible Agent | Main Actions |
|---|---|---|---|
| 1 | Strategy Planning | Orchestrator | Receives the audit task, analyzes the project type, creates an audit plan, and dispatches tasks to sub-agents |
| 2 | Information Gathering | Recon Agent | Scans the project structure, identifies frameworks, libraries, and APIs, and extracts entry points |
| 3 | Vulnerability Discovery | Analysis Agent | Combines RAG knowledge and AST analysis to deeply inspect the code and find potential vulnerabilities |
| 4 | PoC Verification | Verification Agent | (Critical) Writes PoC scripts and executes them in a Docker sandbox, with self-correction and retries on failure |
| 5 | Report Generation | Orchestrator | Aggregates all findings, removes false positives disproven by verification, and generates the final report |
Project Structure
```
DeepAudit/
├── backend/                     # Python FastAPI backend
│   ├── app/
│   │   ├── agents/              # Multi-Agent core logic
│   │   │   ├── orchestrator.py  # Command center: task orchestration
│   │   │   ├── recon.py         # Reconnaissance: asset identification
│   │   │   ├── analysis.py      # Analyst: vulnerability discovery
│   │   │   └── verification.py  # Verifier: sandbox PoC
│   │   ├── core/                # Core configuration and sandbox interfaces
│   │   ├── models/              # Database models
│   │   └── services/            # RAG and LLM service wrappers
│   └── tests/                   # Unit tests
├── frontend/                    # React + TypeScript frontend
│   └── src/
│       ├── components/          # UI component library
│       ├── pages/               # Page routes
│       └── stores/              # Zustand state management
├── docker/                      # Docker deployment configuration
│   ├── sandbox/                 # Secure sandbox image build
│   └── postgres/                # Database initialization
└── docs/                        # Detailed documentation
```
Quick Start
Option 1: One-Line Deployment (Recommended)
Use the prebuilt Docker images. You do not need to clone the repository:
```bash
curl -fsSL https://raw.githubusercontent.com/lintsinghua/DeepAudit/v3.0.0/docker-compose.prod.yml | docker compose -f - up -d
```
China-Accelerated Deployment
Use the Nanjing University mirror site to accelerate pulling Docker images by replacing ghcr.io with ghcr.nju.edu.cn:
```bash
# China-accelerated version using the Nanjing University GHCR mirror
curl -fsSL https://raw.githubusercontent.com/lintsinghua/DeepAudit/v3.0.0/docker-compose.prod.cn.yml | docker compose -f - up -d
```
Manually pull images if needed:
```bash
# Frontend image
docker pull ghcr.nju.edu.cn/lintsinghua/deepaudit-frontend:latest
# Backend image
docker pull ghcr.nju.edu.cn/lintsinghua/deepaudit-backend:latest
# Sandbox image
docker pull ghcr.nju.edu.cn/lintsinghua/deepaudit-sandbox:latest
```
Mirror support is provided by the Nanjing University Open Source Mirror Station.
Configure Docker registry mirrors (optional, for even faster image pulling)
If image pulling is still slow, you can configure Docker registry mirrors by editing the Docker daemon configuration.
- Linux / macOS: edit /etc/docker/daemon.json
- Windows: right-click the Docker Desktop tray icon -> Settings -> Docker Engine
```json
{
  "registry-mirrors": [
    "https://docker.1ms.run",
    "https://dockerproxy.com",
    "https://hub.rat.dev"
  ]
}
```
Restart Docker after saving:
```bash
# Linux
sudo systemctl restart docker
# macOS / Windows
# Restart Docker Desktop
```
Started successfully? Open http://localhost:3000 to begin.
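Piping a remote file straight into `docker compose` runs whatever that URL serves at that moment, and the images listed above are pulled by the mutable `:latest` tag. The script below is an added example, not part of the DeepAudit project: it reviews a compose file saved to disk, flagging images that are not pinned by digest and settings that give a container control of the host. The sample compose content, including the Docker socket mount and the digest value, is constructed for illustration and is not taken from the real file.

```bash
#!/usr/bin/env bash
# Added example, not DeepAudit project code: review a compose file on disk
# before starting it, rather than piping curl straight into `docker compose`.

# Print every image reference declared in compose file $1, one per line.
compose_images() {
  sed -n -E 's/^[[:space:]]*image:[[:space:]]*([^[:space:]#]+).*$/\1/p' "$1" | tr -d "\"'"
}

# Print image references that are not pinned by digest. A tag such as
# :latest can be re-pointed by whoever controls the registry or a mirror.
unpinned_images() {
  compose_images "$1" | grep -Ev '@sha256:[0-9a-f]{64}$' || true
}

# Print numbered lines that hand a container control of the host:
# privileged mode or a bind mount of the Docker socket.
host_access_lines() {
  grep -nE 'privileged:[[:space:]]*true|/var/run/docker\.sock' "$1" || true
}

# Report findings; exit status 0 only when nothing needs a human decision.
review_compose() {
  local unpinned risky
  unpinned=$(unpinned_images "$1")
  risky=$(host_access_lines "$1")
  [ -z "$unpinned" ] || printf '%s\n' "$unpinned" | sed 's/^/unpinned image: /'
  [ -z "$risky" ] || printf '%s\n' "$risky" | sed 's/^/host access, line /'
  [ -z "$unpinned" ] && [ -z "$risky" ]
}

# Constructed sample input; the real docker-compose.prod.yml may differ.
write_sample() {
  cat > "$1" <<'EOF'
services:
  frontend:
    image: ghcr.io/lintsinghua/deepaudit-frontend:latest
  backend:
    image: "ghcr.io/lintsinghua/deepaudit-backend:latest"
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
  db:
    image: postgres@sha256:0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef
EOF
}

sample=$(mktemp)
write_sample "$sample"
review_compose "$sample" || echo "review the findings before: docker compose -f $sample up -d"
```

To apply it to the Quick Start file, save that file with `curl -fsSLo docker-compose.prod.yml` followed by the URL above, run `review_compose docker-compose.prod.yml`, and start it with `docker compose -f docker-compose.prod.yml up -d` once the findings are resolved.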
Option 2: Clone and Deploy
Suitable if you need custom configuration or want to develop on top of the project:
```bash
# 1. Clone the project
git clone https://github.com/lintsinghua/DeepAudit.git && cd DeepAudit
# 2. Configure environment variables
cp backend/env.example backend/.env
# Edit backend/.env and fill in your LLM API key
# 3. Start everything
docker compose up -d
```
The first startup will automatically build the sandbox image and may take a few minutes.
Source Development Guide
Suitable for developers doing secondary development and debugging.
Requirements
- Python 3.11+
- Node.js 20+
- PostgreSQL 15+
- Docker (for the sandbox)
1. Start the database manually
```bash
docker compose up -d redis db adminer
```
2. Start the backend
```bash
cd backend
# Configure environment variables
cp env.example .env
# Use uv to manage the environment (recommended)
uv sync
source .venv/bin/activate
# Start the API service
uvicorn app.main:app --reload
```
3. Start the frontend
```bash
cd frontend
# Configure environment variables
cp .env.example .env
pnpm install
pnpm dev
```
4. Sandbox environment
In development mode, you need to pull the sandbox image locally:
```bash
# Standard pull
docker pull ghcr.io/lintsinghua/deepaudit-sandbox:latest
# China-accelerated pull (Nanjing University mirror)
docker pull ghcr.nju.edu.cn/lintsinghua/deepaudit-sandbox:latest
```
Multi-Agent Intelligent Audit
Supported Vulnerability Types
For detailed documentation, see Agent Audit Guide.
Supported LLM Platforms
International Platforms
OpenAI GPT-4o / GPT-4
China Platforms
Tongyi Qwen
Local Deployment
Ollama
Supports API relay/proxy endpoints to address network access issues. See LLM Platform Support for details.
Feature Matrix
| Feature | Description | Mode |
|---|---|---|
| Agent deep audit | Multi-Agent collaboration with autonomous audit strategy orchestration | Agent |
| RAG knowledge enhancement | Code semantic understanding with CWE/CVE knowledge-base retrieval | Agent |
| Sandbox PoC verification | Docker-isolated execution to verify exploitability | Agent |
| Project management | GitHub/GitLab/Gitea import, ZIP upload, 10+ language support | General |
| Instant analysis | Analyze code snippets in seconds by pasting them directly | General |
| Five-dimensional inspection | Bug / Security / Performance / Style / Maintainability | General |
| What-Why-How | Precise issue location, root-cause explanation, and remediation suggestions | General |
| Audit rules | Built-in OWASP Top 10 with support for custom rule sets | General |
| Prompt templates | Visual management with bilingual support | General |
| Report export | One-click export to PDF / Markdown / JSON | General |
| Runtime configuration | Configure LLM settings in the browser without restarting services | General |
Roadmap
We are continuing to evolve the platform with support for more languages and stronger agent capabilities.
- Basic static analysis with Semgrep integration
- RAG knowledge base and Docker security sandbox support
- Multi-Agent collaborative architecture (current)
- Support simulated service environments that are closer to real deployments, for more realistic vulnerability verification workflows
- Upgrade the sandbox integration from `function_call` to a stable MCP service
- Auto-Fix: allow agents to directly submit PRs to fix vulnerabilities
- Incremental PR audit: continuously track PR changes, intelligently analyze vulnerabilities, and integrate with CI/CD pipelines
- Optimize RAG: support custom knowledge bases
Contributing & Community
Contributing Guide
We warmly welcome contributions of all kinds, whether that means filing issues, opening PRs, or improving documentation. Please refer to CONTRIBUTING.md for details.
Contact the Author
You are welcome to reach out for technical discussions, feature suggestions, or collaboration opportunities. For platform customization, code auditing services, technical consulting, or business collaboration, please contact by email.
| Contact | |
|---|---|
| Email | lintsinghua@qq.com |
| GitHub | @lintsinghua |
License
This project is open-source under the AGPL-3.0 License.
Acknowledgements
Thanks to the following open-source projects for their support:
FastAPI / LangChain / LangGraph / ChromaDB / LiteLLM / Tree-sitter / Kunlun-M / Strix / React / Vite / Radix UI / TailwindCSS / shadcn/ui
Important Security Notice
Legal Compliance Statement
- Any unauthorized vulnerability testing, penetration testing, or security assessment is strictly prohibited
- This project is intended only for cybersecurity research, teaching, and learning
- It is strictly prohibited to use this project for illegal purposes or for unauthorized security testing
Vulnerability Reporting Responsibility
- If you discover any security vulnerability, please report it through legitimate channels in a timely manner
- It is strictly prohibited to use discovered vulnerabilities for illegal activities
- Comply with cybersecurity laws and regulations and help maintain a secure cyberspace
Usage Restrictions
- Only use this project in authorized environments for education and research
- Do not use it for security testing against unauthorized systems
- Users are solely responsible for their own actions
Disclaimer
The author is not responsible for any direct or indirect losses caused by the use of this project. Users bear full legal responsibility for their own actions.
Detailed Security Policy
For detailed information about installation policies, disclaimers, code privacy, API usage security, and vulnerability reporting, please refer to DISCLAIMER.md and SECURITY.md.
Quick Reference
- Code privacy warning: your code will be sent to the servers of the selected LLM provider
- Sensitive code handling: use local models when processing sensitive code
- Compliance requirements: follow data protection and privacy laws
- Vulnerability reporting: report security issues through legitimate channels



