Modern, fast penetration testing CLI ā record browser interactions once, replay with security payloads, and find vulnerabilities like XSS and SQLi automatically. A lightweight, pluggable alternative to legacy security scanners.
npm install vulcnSecurity testing made simple. Record once, test with payloads, find vulnerabilities.
---
``bashInstall globally
npm install -g vulcn
Zero-config browser support ā Vulcn uses your existing Chrome or Edge. No browser downloads needed.
---
šÆ What is Vulcn?
Vulcn is a driver-based security testing framework that:
1. Records interactions (browser clicks, API requests, CLI commands)
2. Replays them with security payloads injected
3. Detects vulnerabilities via plugins (XSS, SQLi, reflection, etc.)
$3
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
ā vulcn CLI ā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā¤
ā @vulcn/engine ā
ā āāāāāāāāāāāāāāāāāāāāāāā āāāāāāāāāāāāāāāāāāāāāāāāāāāā ā
ā ā DriverManager ā ā PluginManager ā ā
ā ā ā¢ browser ā ā ā¢ payloads ā ā
ā ā ā¢ api (soon) ā ā ā¢ detect-xss ā ā
ā ā ā¢ cli (soon) ā ā ā¢ detect-reflection ā ā
ā āāāāāāāāāāāāāāāāāāāāāāā āāāāāāāāāāāāāāāāāāāāāāāāāāāā ā
āāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāāā
---
š¦ Packages
| Package | Description |
| -------------------------------------------------------------------------------------------------- | ---------------------------------------- |
|
| CLI tool |
| @vulcn/engine | Core engine with driver & plugin systems |
| @vulcn/driver-browser | Browser recording with Playwright |
| @vulcn/plugin-payloads | XSS, SQLi, SSRF payloads |
| @vulcn/plugin-detect-xss | Execution-based XSS detection |
| @vulcn/plugin-detect-reflection` | Pattern-based reflection detection |---
Full documentation is available at docs.vulcn.dev
- Quickstart Guide
- CLI Reference
- Driver System
- Plugin System
- API Reference
---
See CONTRIBUTING.md for development setup and guidelines.
---
---
Made with ā¤ļø by rawlab