Home / Features
21 Analyzers · 4 Tiers · Free to Team

Security Intelligence Redefined

Counterscarp combines AI, cross-chain analysis, and automated exploit generation into a unified security platform. 14 analyzers free — up to 21 with Pro.

Feature 01  PRO

AI-Powered Audit Copilot

The AI Audit Copilot uses Retrieval-Augmented Generation (RAG) to provide real-time vulnerability context during audits. It queries a curated knowledge base of historical exploits, audit reports, and EVM/Solana-specific vulnerability patterns.

  • RAG-based knowledge retrieval from Code4rena, Immunefi, Solodit
  • LLM integration for natural language vulnerability explanations
  • Context-aware remediation recommendations
  • Semantic similarity search across 10,000+ audit findings
Highest Impact RAG + LLM
python 
# AI Audit Copilot usage
from counterscarp import AuditCopilot

copilot = AuditCopilot(model="gpt-4")

# Query vulnerability context
context = copilot.query(
    finding="reentrancy in withdraw()",
    contract="Vault.sol"
)

# Returns: historical exploits,
# remediation steps, severity score
print(context.similar_exploits)
# [{"protocol": "Cream Finance",
#   "loss": "$130M", "year": 2021}]
Cross-chain attack path visualization
Feature 02

Cross-Chain Attack Path Visualizer

Interactive D3.js graphs map multi-contract attack vectors across EVM and Solana chains. Reveals complex exploit chains — flash loans, reentrancy cascades, oracle manipulation — that single-contract analyzers cannot detect.

  • Interactive D3.js force-directed attack graphs
  • Cross-contract call chain analysis
  • Flash loan and oracle manipulation detection
  • Exportable HTML reports with embedded visualizations
Unique — No Equivalent Exists
Features 03 — 07

More Powerful Capabilities

Time-Travel Historical Scanner

Novel

Git-based historical vulnerability tracking detects when vulnerabilities were introduced, tracks security regressions across commits, and provides temporal audit trails. Run counterscarp scan ./contracts --commits HEAD~50..HEAD to scan the last 50 commits.

Complexity: Medium (2-3 months)
Impact: High — Unique temporal analysis

Anchor IDL Security Validator

First-Mover on Solana

The only tool that validates Solana Anchor IDL constraints and CPI (Cross-Program Invocation) flow security. Detects missing signer checks, unconstrained accounts, and dangerous CPI patterns that Rust static analyzers miss.

Chains: Solana (Anchor framework)
Patterns: 35 Rust/Anchor security checks

CI/CD Pipeline Generator

Automation

Auto-generates security pipeline configurations for GitHub Actions, GitLab CI, and CircleCI. Configurable severity thresholds block PRs containing critical vulnerabilities. The fastest path from zero to automated security.

bash
$ counterscarp generate-pipeline --platform github --output .github/workflows/
[✓] Generated .github/workflows/counterscarp-engine.yml
[*] Configured: PR blocking on HIGH+ severity

Exploit PoC Auto-Generator

Unique

Automatically generates working Foundry test cases that demonstrate detected vulnerabilities as actual exploits, complete with setup, execution, and assertions. Transforms findings into actionable proof-of-concepts for bug bounty submissions and developer education.

Protocol Fingerprint Scanner

Intelligence

Compares codebases against a database of known vulnerable patterns, forked protocols, and public exploits to identify "genetic" vulnerabilities inherited from upstream code. Many protocols fork from Uniswap, Compound, or OpenZeppelin — this scanner finds inherited vulnerabilities they may have overlooked.

Complete Coverage

All 21 Analyzers — Across 4 Tiers

Community — 14 analyzers · Free forever Developer — 16 analyzers · $49/mo Pro — 21 analyzers · $149/mo Team — 10 seats · $399/mo
# Analyzer Type Chain Patterns Tier
01Heuristic ScannerStaticEVM23 EVM heuristic rulesFree
02SlitherStatic (Trail of Bits)EVM80+ detectorsFree
03AderynStatic (Cyfrin Rust)EVMComplementary to SlitherFree
04Liar DetectorNatSpec AnalysisEVMComment vs implementationFree
05Access MatrixPermission AnalysisEVMFunction access controlFree
06Upgrade DiffStorage AnalysisEVMUUPS/proxy collision detectionFree
07Solana AnalyzerStaticSolana35 Rust/Anchor patternsDeveloper
08MedusaFuzzingEVMCoverage-guidedFree
09FoundryInvariant TestingEVMProperty-based testsFree
10MythrilSymbolic ExecutionEVMBytecode analysisFree
11Supply ChainDependency ScanBothOSV.dev integrationFree
12Threat IntelHistorical DBBothCode4rena, Immunefi, SoloditFree
13Knowledge FetcherResearchEVMEVM vulnerability researchFree
14Inflation ScaffoldAttack GenerationEVMERC4626 attack testsFree
15AI Audit CopilotAI/RAGBothLLM + knowledge retrievalPro
16Attack Path VisualizerVisualizationBothD3.js attack graphsPro
17Time-Travel ScannerHistoricalBothGit-based regression trackingPro
18Anchor IDL ValidatorIDL AnalysisSolanaCPI flow securityDeveloper
19CI/CD GeneratorAutomationBothGitHub/GitLab/CircleCI/Azure/JenkinsFree
20Exploit GeneratorPoC GenerationEVMFoundry test generationPro
21Fingerprint ScannerSimilarityBothProtocol genealogy analysisPro

Ready to Audit with All 21 Analyzers?

Start free with 14 analyzers — no account needed. Upgrade to Developer for Solana support, Pro for AI Copilot, Attack Graph, and Exploit PoC, or Team for shared workspaces.

Launch Counterscarp View All Plans Read Documentation