

Unified platform for collaborative security scanning and vulnerability management
Jackhammer provides a single interface to run static and dynamic scans across code, web, mobile, CMS and network assets, with RBAC, dashboards, false‑positive filtering and integrated vulnerability lifecycle management.
Jackhammer is a collaboration‑focused platform that brings together security, development, QA, and TPM teams around a single view of vulnerability findings. By unifying static code analysis, dynamic web and mobile testing, CMS and network scanning, it eliminates the need to juggle disparate tools.
The system leverages a plug‑in architecture to run dozens of open‑source and commercial scanners (e.g., Brakeman, Trufflehog, Arachni, Nmap) and presents results through role‑based dashboards, false‑positive filtering, and trend graphs. Scans can be triggered on demand, scheduled (daily, weekly, monthly), or executed asynchronously via Sidekiq workers. Integration points include bug‑tracking systems and CI/CD pipelines, while RBAC controls access for individual contributors and whole teams. Jackhammer is distributed via Docker Compose, allowing rapid local or corporate‑mode deployment with minimal configuration.
Integrate SAST into CI pipeline: Developers receive immediate feedback on code vulnerabilities, reducing remediation time.
Cross‑team vulnerability triage: Security, dev, and QA collaborate on a shared dashboard to prioritize and resolve findings.
Scheduled compliance scans for web applications: Automated weekly scans generate trend reports, helping auditors track security posture.
Custom scanner onboarding: Security engineers add a proprietary tool in under 30 minutes, extending coverage to niche technologies.
Jackhammer itself is language‑agnostic; it runs scanners for Ruby, Node, Java, and others via plug‑ins.
Scans run asynchronously using Sidekiq workers and can be triggered on demand, scheduled, or invoked via API/CLI.
Yes, Jackhammer includes connectors to publish vulnerabilities to external bug‑tracking systems.
Access is controlled through Role‑Based Access Control (RBAC) that defines user permissions and team visibility.
New scanners are added by creating a plug‑in module; the documentation shows a 10‑30 minute process.
Project at a glance
Dormant. Last synced 4 days ago