MCPcopy Index your code
hub / github.com/google/tsunami-security-scanner

github.com/google/tsunami-security-scanner @v0.2.0 sqlite

repository ↗ · DeepWiki ↗ · release v0.2.0 ↗
3,471 symbols 9,625 edges 265 files 598 documented · 17%
README

Tsunami

build

Tsunami is a general purpose network security scanner with an extensible plugin system for detecting high severity vulnerabilities with high confidence.

To learn more about Tsunami, visit our documentation.

Tsunami relies heavily on its plugin system to provide basic scanning capabilities. All publicly available Tsunami plugins are hosted in a separate google/tsunami-security-scanner-plugins repository.

Quick start

Please see the documentation on how to build and run Tsunami

Contributing

Read how to contribute to Tsunami.

License

Tsunami is released under the Apache 2.0 license.

Copyright 2025 Google Inc.

Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at

    http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS,
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and
limitations under the License.

Disclaimers

Tsunami is not an official Google product.

Extension points exported contracts — how you extend this code

RemoteVulnDetector (Interface)
A special VulnDetector to execute vulnerability detector plugins from their specified language server. [8 implementers]
plugin/src/main/java/com/google/tsunami/plugin/RemoteVulnDetector.java
CliOption (Interface)
A marker interface for a subset of command line options used in Tsunami modules. Client should ALWAYS mark its optio [26 …
common/src/main/java/com/google/tsunami/common/cli/CliOption.java
ServiceFingerprinter (Interface)
A TsunamiPlugin that performs the service fingerprinting tasks. A fingerprinter usually performs service spe [8 implementers]
plugin/src/main/java/com/google/tsunami/plugin/ServiceFingerprinter.java
Archiver (Interface)
An Archiver archives the given data to some data storage. [9 implementers]
common/src/main/java/com/google/tsunami/common/io/archiving/Archiver.java
PortScanner (Interface)
A TsunamiPlugin that performs the port scanning tasks. A port scanner in general should perform network prob [10 implementers]
plugin/src/main/java/com/google/tsunami/plugin/PortScanner.java
Factory (Interface)
(no doc) [7 implementers]
common/src/main/java/com/google/tsunami/common/io/archiving/GoogleCloudStorageArchiver.java
VulnDetector (Interface)
A TsunamiPlugin that detects potential vulnerabilities on the target. Usually a vulnerability detector takes [26 implementers]
plugin/src/main/java/com/google/tsunami/plugin/VulnDetector.java
ConfigLoader (Interface)
Config loader interface that load Tsunami configs from certain data sources. [3 implementers]
common/src/main/java/com/google/tsunami/common/config/ConfigLoader.java

Core symbols most depended-on inside this repo

build
called by 591
plugin/src/main/java/com/google/tsunami/plugin/RemoteVulnDetectorLoadingModule.java
fromString
called by 186
common/src/main/java/com/google/tsunami/common/version/Version.java
get
called by 125
plugin_server/py/common/net/http/http_request.py
get
called by 104
common/src/main/java/com/google/tsunami/common/net/http/HttpRequest.java
forIpAndPort
called by 74
common/src/main/java/com/google/tsunami/common/data/NetworkEndpointUtils.java
toString
called by 72
common/src/main/java/com/google/tsunami/common/net/http/HttpStatus.java
addHeader
called by 69
common/src/main/java/com/google/tsunami/common/net/http/HttpHeaders.java
setName
called by 64
common/src/main/java/com/google/tsunami/common/concurrent/BaseThreadPoolModule.java

Shape

Method 2,820
Class 283
Struct 190
Function 111
TypeAlias 30
Interface 21
Enum 12
Route 4

Languages

Java46%
Go43%
Python11%

Modules by API surface

proto/go/vulnerability_go_proto/vulnerability.pb.go136 symbols
proto/go/payload_generator_go_proto/payload_generator.pb.go89 symbols
proto/tsunami_go_proto/vulnerability.pb.go86 symbols
proto/go/web_crawl_go_proto/web_crawl.pb.go86 symbols
proto/go/plugin_service_go_proto/plugin_service.pb.go86 symbols
proto/go/plugin_representation_go_proto/plugin_representation.pb.go84 symbols
plugin/src/test/java/com/google/tsunami/plugin/PluginManagerTest.java78 symbols
proto/go/network_service_go_proto/network_service.pb.go77 symbols
proto/go/network_go_proto/network.pb.go71 symbols
proto/tsunami_go_proto/payload_generator.pb.go69 symbols
proto/go/scan_results_go_proto/scan_results.pb.go68 symbols
proto/go/reconnaissance_go_proto/reconnaissance.pb.go66 symbols

Dependencies from manifests, versioned

absl-py2.1.0 · 1×
aenum3.1.15 · 1×
certifi2024.7.4 · 1×
charset-normalizer3.3.2 · 1×
glog0.3.1 · 1×
grpcio1.63.0 · 1×
grpcio-health-checking1.63.0 · 1×
grpcio-reflection1.63.0 · 1×
grpcio-tools1.63.0 · 1×
idna3.7 · 1×
protobuf5.29.6 · 1×
python-gflags3.1.2 · 1×

For agents

$ claude mcp add tsunami-security-scanner \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact