https://github.com/vulnerable-apps/verademo
Playground scan · GitHub repository · Nixer
25
RISK SCORE
Full scan on your stack
npx nixer scan https://github.com/vulnerable-apps/verademo
Findings Playground profile — full scan via CLI runs 6× more probes
CRITICAL
secrets-scan
#1
Exposed Hardcoded Password
app/src/main/java/com/veracode/verademo/controller/UserController.java:347
Detected Hardcoded Password in app/src/main/java/com/veracode/verademo/controller/UserController.java:347. Value: Password val***
Remediation
Remove or rotate this credential immediately. Use environment variables instead: process.env.API_KEY.
Get the PDF version
Enter your email and we'll send you this report as a PDF — useful for sharing with your team or a security audit.
This was the playground profile — 10 probes, 60s cap.
Scan this on every PR — catch findings before they ship.
One line in your GitHub Actions workflow. Fails the build on critical findings. Free for public repos.
npx nixer scan https://github.com/vulnerable-apps/verademo