Supreme Security Scanner is an absolutely free and open-source project. For issues and feature requests, please visit our GitHub repository: Supreme on GitHub.
Overview
Supreme is an advanced, all-in-one security scanner for Visual Studio Code. It detects vulnerabilities in dependencies, misconfigurations, and exposed secrets in your code.
Features
Deep Scan: Checks for CVEs, Misconfigurations, and Secrets.
CLI Tool: Automated scanning for CI/CD pipelines (supreme scan --ci).
Offline Mode: Fully functional offline scanning with a cached database.
Interactive Dashboard: View security score and critical stats.
Scan History: Review past scan results and track improvements.
Glassmorphism Reports: Beautiful, detailed HTML reports with code snippets.
Zero Configuration: Auto-installs the necessary engines.
Cancellable Operations: Stop scans or downloads at any time.
Clean Uninstall: All history is removed when you uninstall the extension.
Threat Intelligence: Powered by a combination of aggregated open-source intelligence (OSINT) and our own proprietary threat findings for maximum coverage.
Usage
VS Code Extension
Open the Supreme sidebar.
Click the large Start Scan button on the dashboard.
View results in the list below or open the full HTML report.
Export reports to JSON for your team.
Use the Stop button to cancel ongoing scans or downloads.
Update Database: Click the update button to refresh vulnerability data.
Requirements
Python 3.10+ and pip must be installed and available in your system PATH.
Internet connection (initial setup only, to download the engine and database).