CPU-only vendor slice of keyhog-core + keyhog-scanner + keyhog-verifier — provides the minimal secret-detection surface gossan-js / gossan-scm / gossan-crawl need without dragging in wgpu/vyre transitive deps from upstream keyhog. Frozen subset; refresh manually when upstream detector schema changes.
An LSP implementation for Tree-sitter's query files
CLI transport and formatting for seal
Fast, modular attack surface discovery — subdomains, ports, tech stack, secrets, hidden endpoints, cloud assets — part of the security research ecosystem
Scan checkpoint and resume for gossan — persists stage results to SQLite — part of the security research ecosystem
Cloud asset discovery scanner for gossan (S3, GCS, Azure Blob, DigitalOcean Spaces) — part of the security research ecosystem
Core types, traits, and shared networking utilities for the gossan attack-surface scanner — part of the security research ecosystem
Cross-module finding correlation engine for gossan (attack chain detection) — part of the security research ecosystem
Authenticated web crawler — form extraction, parameter discovery, link following — part of the security research ecosystem
DNS security scanner — SPF/DMARC/DKIM email auth, zone transfer (AXFR), subdomain takeover, CAA/NS posture — part of the security research ecosystem
Distributed fleet orchestration for Gossan
Graph persistence for Gossan — stores targets and findings in a local SQLite database