Fast, modern security testing engine ā record browser sessions, replay with attack payloads, and detect vulnerabilities automatically. Pluggable driver and detection system for web application penetration testing.
npm install @vulcn/engineSecurity testing made simple. Record once, test with payloads, find vulnerabilities.
---
``bashInstall globally
npm install -g vulcn
Zero-config browser support ā Vulcn uses your existing Chrome or Edge. No browser downloads needed.
---
šÆ What is Vulcn?
Vulcn is a driver-based security testing framework that:
1. Records interactions (browser clicks, API requests, CLI commands)
2. Replays them with security payloads injected
3. Detects vulnerabilities via plugins (XSS, SQLi, reflection, etc.)
$3
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
ā vulcn CLI ā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā¤
ā @vulcn/engine ā
ā āāāāāāāāāāāāāāāāāāāāāāā āāāāāāāāāāāāāāāāāāāāāāāāāāāā ā
ā ā DriverManager ā ā PluginManager ā ā
ā ā ā¢ browser ā ā ā¢ payloads ā ā
ā ā ā¢ api (soon) ā ā ā¢ detect-xss ā ā
ā ā ā¢ cli (soon) ā ā ā¢ detect-reflection ā ā
ā āāāāāāāāāāāāāāāāāāāāāāā āāāāāāāāāāāāāāāāāāāāāāāāāāāā ā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
---
š¦ Packages
| Package | Description |
| -------------------------------------------------------------------------------------------------- | ---------------------------------------- |
|
| CLI tool |
| @vulcn/engine | Core engine with driver & plugin systems |
| @vulcn/driver-browser | Browser recording with Playwright |
| @vulcn/plugin-payloads | XSS, SQLi, SSRF payloads |
| @vulcn/plugin-detect-xss | Execution-based XSS detection |
| @vulcn/plugin-detect-reflection` | Pattern-based reflection detection |---
Full documentation is available at docs.vulcn.dev
- Quickstart Guide
- CLI Reference
- Driver System
- Plugin System
- API Reference
---
See CONTRIBUTING.md for development setup and guidelines.
---
---
Made with ā¤ļø by rawlab