JSPM

  • ESM via JSPM
  • ES Module Entrypoint
  • Export Map
  • Keywords
  • License
  • Repository URL
  • TypeScript Types
  • README
  • Created
  • Published
  • Downloads 7
  • Score
    100M100P100Q46580F
  • License AGPL-3.0

Modern, fast penetration testing CLI — record browser interactions once, replay with security payloads, and find vulnerabilities like XSS and SQLi automatically. A lightweight, pluggable alternative to legacy security scanners.

Package Exports

  • vulcn
  • vulcn/dist/index.js

This package does not declare an exports field, so the exports above have been automatically detected and optimized by JSPM instead. If any package subpath is missing, it is recommended to post an issue to the original package (vulcn) to support the "exports" field. If that is not possible, create a JSPM override to customize the exports field for this package.

Readme

🔐 Vulcn

Security testing made simple. Record once, test with payloads, find vulnerabilities.

CI npm version License: AGPL-3.0

⚡ Quick Start

# Install globally
npm install -g vulcn

# Record a session (opens browser)
vulcn record https://example.com/login

# Run with security payloads
vulcn run session.vulcn.yml

Zero-config browser support — Vulcn uses your existing Chrome or Edge. No browser downloads needed.

🎯 What is Vulcn?

Vulcn is a driver-based security testing framework that:

  1. Records interactions (browser clicks, API requests, CLI commands)
  2. Replays them with security payloads injected
  3. Detects vulnerabilities via plugins (XSS, SQLi, reflection, etc.)

Architecture

┌─────────────────────────────────────────────────────────┐
│                     vulcn CLI                           │
├─────────────────────────────────────────────────────────┤
│                   @vulcn/engine                         │
│  ┌─────────────────────┐  ┌──────────────────────────┐  │
│  │   DriverManager     │  │    PluginManager         │  │
│  │   • browser         │  │    • payloads            │  │
│  │   • api (soon)      │  │    • detect-xss          │  │
│  │   • cli (soon)      │  │    • detect-reflection   │  │
│  └─────────────────────┘  └──────────────────────────┘  │
└─────────────────────────────────────────────────────────┘

📦 Packages

Package Description
vulcn CLI tool
@vulcn/engine Core engine with driver & plugin systems
@vulcn/driver-browser Browser recording with Playwright
@vulcn/plugin-payloads XSS, SQLi, SSRF payloads
@vulcn/plugin-detect-xss Execution-based XSS detection
@vulcn/plugin-detect-reflection Pattern-based reflection detection

📚 Documentation

Full documentation is available at docs.vulcn.dev

🤝 Contributing

See CONTRIBUTING.md for development setup and guidelines.

📝 License

AGPL-3.0 © rawlab

Made with ❤️ by rawlab