RootCause is a static application security testing (SAST) project built in Rust.
It helps developers detect vulnerabilities and misconfigurations in:
- Source code
- Configuration files
- Infrastructure-as-Code
Our goal: make secure coding accessible with fast and extensible analysis.
- 🔍 RootCause Scanner – the main scanner
- 📖 Rules – official rulesets
- 🔌 Plugins – community and official extensions
📚 docs.rootcause.sh – installation, rule creation, and plugin development.
Distributed under the GPL-3.0 license.
