TraceBlast

TraceBlast is a path-based vulnerability analysis tool that identifies real, exploitable security risks in your codebase.

Instead of flagging every vulnerable dependency, TraceBlast traces actual data flow from entry points to vulnerable sinks, showing only reachable and actionable vulnerabilities.

🚀 Features

• 🔍 Path-based vulnerability detection
• 🧠 Eliminates false positives
• 📊 Interactive graph visualization
• ⚡ VS Code integration
• 🌐 Scan local projects or GitHub repositories

🧪 How It Works

1. Scans your project dependencies and source code
2. Builds a dependency graph
3. Traces execution paths from entry points to vulnerable functions
4. Displays only exploitable attack paths

▶️ Usage

Scan current project

Open Command Palette:

Scan GitHub repository

🛠 Requirements

• Python project with:
  • requirements.txt OR
  • pyproject.toml OR
  • setup.py

⚠️ Notes

• Currently optimized for Python projects
• GitHub scanning uses temporary cloning

📌 Vision

TraceBlast aims to move security analysis from:

“What is vulnerable?”

to

“What is actually exploitable?”

👨‍💻 Author

Aaradhya Khanna