14 Free Analyzers · Up to 21 with Pro · 4 Tiers

Security Intelligence Redefined

Counterscarp combines AI-powered cross-chain analysis and automated exploit generation into a unified security platform. 14 analyzers free — up to 21 with Pro.

Feature 01  PRO

AI-Powered Audit Copilot

The AI Audit Copilot uses Retrieval-Augmented Generation (RAG) to provide real-time vulnerability context during audits. It queries a curated knowledge base of historical exploits, audit reports, and EVM/Solana-specific vulnerability patterns.

  • RAG-based knowledge retrieval from Code4rena, Immunefi, Solodit
  • LLM integration for natural language vulnerability explanations
  • Context-aware remediation recommendations
  • Trained on Code4rena, Immunefi, and Solodit findings
Highest Impact RAG + LLM
python
# AI Audit Copilot usage
from counterscarp import AuditCopilot

copilot = AuditCopilot(model="gpt-4")

# Query vulnerability context
context = copilot.query(
    finding="reentrancy in withdraw()",
    contract="Vault.sol"
)

# Returns: historical exploits,
# remediation steps, severity score
print(context.similar_exploits)
# [{"protocol": "Cream Finance",
#   "loss": "$130M", "year": 2021}]
Feature 02

Cross-Chain Attack Path Visualizer

Interactive D3.js graphs map multi-contract attack vectors across EVM and Solana chains. Reveals complex exploit chains — flash loans, reentrancy cascades, oracle manipulation — that single-contract analyzers cannot detect.

  • Interactive D3.js force-directed attack graphs
  • Cross-contract call chain analysis
  • Flash loan and oracle manipulation detection
  • Exportable HTML reports with embedded visualizations
Unique — No Equivalent Exists
Features 03 — 07

More Powerful Capabilities

Time-Travel Historical Scanner

Novel

Git-based historical vulnerability tracking detects when vulnerabilities were introduced, tracks security regressions across commits, and provides temporal audit trails. Run counterscarp scan ./contracts --commits HEAD~50..HEAD to scan the last 50 commits.

Complexity: Medium (2-3 months)
Impact: High — Unique temporal analysis

CI/CD Pipeline Generator

Automation

Auto-generates security pipeline configurations for GitHub Actions, GitLab CI, and CircleCI. Configurable severity thresholds block PRs containing critical vulnerabilities. The fastest path from zero to automated security.

bash
$ counterscarp generate-pipeline --platform github --output .github/workflows/
[✓] Generated .github/workflows/counterscarp-engine.yml
[*] Configured: PR blocking on HIGH+ severity
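
The severity threshold described above, as an added example (not Counterscarp's generated pipeline or code): a gate a CI job could run over a SARIF report to block on HIGH+ findings. It assumes SARIF 2.1.0 with scores in the `security-severity` rule property (the GitHub code-scanning convention) and falls back to the SARIF `level`; the sample report and its rule ids are constructed.

```python
# Added example: SARIF severity gate for CI. Not Counterscarp code.
# Assumption: scores sit in the rule property `security-severity`
# (GitHub code-scanning convention); otherwise the SARIF `level` is used.
ORDER = ["NONE", "LOW", "MEDIUM", "HIGH", "CRITICAL"]
BANDS = [(9.0, "CRITICAL"), (7.0, "HIGH"), (4.0, "MEDIUM"), (0.1, "LOW")]
LEVELS = {"error": "HIGH", "warning": "MEDIUM", "note": "LOW", "none": "NONE"}

def severity(result, rules):
    """Resolve one SARIF result to a severity band."""
    rule = rules.get(result.get("ruleId"), {})
    score = rule.get("properties", {}).get("security-severity")
    if score is not None:
        try:
            value = float(score)
        except (TypeError, ValueError):
            return "HIGH"  # unparseable score: fail closed
        return next((name for floor, name in BANDS if value >= floor), "NONE")
    # SARIF 2.1.0: a result without `level` defaults to "warning".
    level = result.get("level") or rule.get("defaultConfiguration", {}).get("level", "warning")
    return LEVELS.get(level, "HIGH")

def gate(sarif, threshold="HIGH"):
    """Return (ruleId, severity) pairs at or above threshold; non-empty means block."""
    blocking = []
    for run in sarif.get("runs", []):
        driver = run.get("tool", {}).get("driver", {})
        rules = {r["id"]: r for r in driver.get("rules", [])}
        for res in run.get("results", []):
            # A suppression with no status counts as accepted per the spec.
            if any(s.get("status", "accepted") == "accepted" for s in res.get("suppressions", [])):
                continue
            sev = severity(res, rules)
            if ORDER.index(sev) >= ORDER.index(threshold):
                blocking.append((res.get("ruleId"), sev))
    return blocking

# Constructed sample report; rule ids are placeholders, not real analyzer output.
SAMPLE = {"version": "2.1.0", "runs": [{
    "tool": {"driver": {"name": "example-scanner", "rules": [
        {"id": "EX-REENTRANCY", "properties": {"security-severity": "9.1"}},
        {"id": "EX-FLOATING-PRAGMA", "properties": {"security-severity": "2.0"}}]}},
    "results": [
        {"ruleId": "EX-REENTRANCY", "message": {"text": "state write after external call"}},
        {"ruleId": "EX-FLOATING-PRAGMA", "level": "error", "message": {"text": "pragma ^0.8.0"}},
        {"ruleId": "EX-UNCHECKED-CALL", "level": "error", "message": {"text": "return value ignored"}},
        {"ruleId": "EX-REENTRANCY", "suppressions": [{"kind": "inSource"}],
         "message": {"text": "guarded by nonReentrant"}}]}]}

if __name__ == "__main__":
    hits = gate(SAMPLE)
    for rule_id, sev in hits:
        print(f"BLOCK {sev:8} {rule_id}")
    raise SystemExit(1 if hits else 0)
```

A numeric score takes precedence over `level`, so the floating-pragma result stays LOW even though the tool marked it `error`; the suppressed reentrancy result is skipped.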

Exploit PoC Auto-Generator

Unique

Automatically generates working Foundry test cases that demonstrate detected vulnerabilities as actual exploits, complete with setup, execution, and assertions. Transforms findings into actionable proof-of-concepts for bug bounty submissions and developer education.

Protocol Fingerprint Scanner

Intelligence

Compares codebases against a database of known vulnerable patterns, forked protocols, and public exploits to identify "genetic" vulnerabilities inherited from upstream code. Many protocols fork from Uniswap, Compound, or OpenZeppelin — this scanner finds inherited vulnerabilities they may have overlooked.

Anchor IDL Security Validator

First-Mover on Solana

The only tool that validates Solana Anchor IDL constraints and CPI (Cross-Program Invocation) flow security. Detects missing signer checks, unconstrained accounts, and dangerous CPI patterns that Rust static analyzers miss.

Chains: Solana (Anchor framework)
Patterns: 35 Rust/Anchor security checks
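
What a missing-signer check looks like at the IDL level, as an added example (not Counterscarp's validator or its rules): a heuristic lint that flags instructions able to write to accounts while no account in the instruction is marked as a signer. It handles the legacy `isMut`/`isSigner` fields and the `writable`/`signer` fields of newer Anchor IDLs; the sample IDL and every name in it are constructed.

```python
# Added example, not Counterscarp code: flag Anchor IDL instructions that
# can write to accounts while requiring no signer at all (a heuristic).

def leaves(accounts):
    """Yield leaf accounts, descending into composite account groups."""
    for acc in accounts:
        if "accounts" in acc:
            yield from leaves(acc["accounts"])
        else:
            yield acc

def is_signer(acc):
    # Legacy IDLs use `isSigner`; Anchor 0.30+ IDLs use `signer`.
    return bool(acc.get("isSigner") or acc.get("signer"))

def is_writable(acc):
    # Legacy IDLs use `isMut`; Anchor 0.30+ IDLs use `writable`.
    return bool(acc.get("isMut") or acc.get("writable"))

def lint_idl(idl):
    """Return (instruction, writable_accounts) for each signer-less writer."""
    findings = []
    for ix in idl.get("instructions", []):
        accs = list(leaves(ix.get("accounts", [])))
        writable = [a["name"] for a in accs if is_writable(a)]
        if writable and not any(is_signer(a) for a in accs):
            findings.append((ix["name"], writable))
    return findings

# Constructed IDL mixing both field spellings; program and names are made up.
SAMPLE_IDL = {"name": "example_vault", "instructions": [
    {"name": "initialize", "accounts": [
        {"name": "vault", "isMut": True, "isSigner": False},
        {"name": "payer", "isMut": True, "isSigner": True}]},
    {"name": "withdraw", "accounts": [
        {"name": "vault", "isMut": True, "isSigner": False},
        {"name": "authority", "isMut": False, "isSigner": False},
        {"name": "destination", "isMut": True, "isSigner": False}]},
    {"name": "sweep", "accounts": [
        {"name": "pools", "accounts": [{"name": "pool_a", "writable": True}]},
        {"name": "treasury", "writable": True}]},
    {"name": "get_price", "accounts": [{"name": "oracle"}]}]}

if __name__ == "__main__":
    for name, writable in lint_idl(SAMPLE_IDL):
        print(f"{name}: writes {writable} with no signer account")
```

The IDL only exposes signer and writable flags, so a hit is a prompt to review the instruction's account constraints in the Rust source; intentionally permissionless instructions will also be flagged.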
Complete Coverage

All Analyzer Coverage — 14 Free, Up to 21 with Pro

  • Community — 14 analyzers · Free forever
  • Developer — 16 analyzers · $49/mo
  • Pro — 21 analyzers · $199/mo
  • Team — 5 seats · $399/mo

  • Webapp + CLI = available at app.counterscarp.io & local CLI
  • CLI Only = requires local counterscarp CLI

Pro and Team features require a free account with an active license.

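| #  | Analyzer               | Type                   | Chain  | Platform     | Tier      |
|----|------------------------|------------------------|--------|--------------|-----------|
| 01 | Heuristic Scanner      | Static                 | EVM    | Webapp + CLI | Free      |
| 02 | Slither                | Static (Trail of Bits) | EVM    | Webapp + CLI | Free      |
| 03 | Aderyn                 | Static (Cyfrin Rust)   | EVM    | CLI Only     | Free      |
| 04 | Liar Detector          | NatSpec Analysis       | EVM    | CLI Only     | Free      |
| 05 | Access Matrix          | Permission Analysis    | EVM    | CLI Only     | Free      |
| 06 | Upgrade Diff           | Storage Analysis       | EVM    | CLI Only     | Free      |
| 07 | Medusa                 | Fuzzing                | EVM    | CLI Only     | Free      |
| 08 | Foundry                | Invariant Testing      | EVM    | CLI Only     | Free      |
| 09 | Mythril                | Symbolic Execution     | EVM    | CLI Only     | Free      |
| 10 | Supply Chain           | Dependency Scan        | Both   | CLI Only     | Free      |
| 11 | Threat Intel           | Historical DB          | Both   | Webapp + CLI | Free      |
| 12 | Knowledge Fetcher      | Research               | EVM    | CLI Only     | Free      |
| 13 | Inflation Scaffold     | Attack Generation      | EVM    | CLI Only     | Free      |
| 14 | AI Audit Copilot       | AI/RAG                 | Both   | Webapp + CLI | Pro       |
| 15 | Attack Path Visualizer | Visualization          | Both   | Webapp + CLI | Pro       |
| 16 | Time-Travel Scanner    | Historical             | Both   | CLI Only     | Pro       |
| 17 | CI/CD Generator        | Automation             | Both   | CLI Only     | Free      |
| 18 | Exploit Generator      | PoC Generation         | EVM    | CLI Only     | Pro       |
| 19 | Fingerprint Scanner    | Similarity             | Both   | CLI Only     | Pro       |
| 20 | Solana Analyzer        | Static                 | Solana | CLI Only     | Developer |
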
Platform Comparison

Webapp vs CLI

All plans include both Webapp and CLI access. The Webapp runs Heuristic + Slither server-side. The CLI runs up to 21 analyzers locally on your machine.

Webapp app.counterscarp.io

Upload contracts via browser. No local install needed. Server-side analysis with instant results.

All Tiers

  • Heuristic Pattern Scanner
  • Slither Static Analysis
  • Dashboard & Scan History
  • Reports (Markdown, JSON, SARIF)

Developer+

  • Branded HTML Reports
  • PDF Reports
  • Solana/Anchor Analysis, IDL Validator

Pro+

  • AI Copilot (RAG enrichment)
  • Attack Graph Visualization
  • Branded Reports
CLI counterscarp command

Run locally on your machine. Full analyzer suite. Air-gap compatible. Maximum coverage.

All Tiers — Everything in Webapp, plus:

  • Aderyn Static Analysis
  • Medusa Coverage-Guided Fuzzing
  • Mythril Symbolic Execution
  • Red Team Scanning
  • Supply Chain Check
  • Upgrade Diff Analysis
  • Plugin System

Pro+

  • Time-Travel Scanner (git history)
  • Protocol Fingerprinting
  • Exploit PoC Generator
  • LLM Enrichment

Ready to Audit with 14 Free, Up to 21 with Pro?

Start free with 14 analyzers — no account needed. Upgrade to Pro for AI Copilot, Attack Graph, and Exploit PoC, or Team for shared workspaces.


Create a free account to get started. Pro licenses auto-link to your account at purchase.