Installation

CodePhreak can be installed via pip or from source. Additional security tools are automatically installed.

Requirements

  • โ€ข Python 3.9 or higher
  • โ€ข pip (Python package manager)
  • โ€ข Git (for source installation)
  • โ€ข macOS, Linux, or Windows (WSL recommended)

Quick Install (pip)

# Install from PyPI
pip install codephreak

# Verify installation
codephreak --version
codephreak doctor

Install from Source

# Clone the repository
git clone https://github.com/singularity99/codephreak-security-auditor
cd codephreak-security-auditor

# Create virtual environment (recommended)
python -m venv venv
source venv/bin/activate  # On Windows: venv\Scripts\activate

# Install in development mode
pip install -e .

# Install security tools
./install.sh

Bundled Security Tools

CodePhreak bundles several security tools. The installer automatically sets these up:

Python Tools (pip)

  • โ€ข Semgrep - Static analysis
  • โ€ข Bandit - Python security linter
  • โ€ข Checkov - IaC scanning
  • โ€ข Prowler - Cloud security
  • โ€ข pip-audit - Dependency audit
  • โ€ข detect-secrets - Secret detection

Binary Tools

  • โ€ข Trivy - Vulnerability scanner
  • โ€ข GitLeaks - Secret scanner
  • โ€ข Syft - SBOM generator
  • โ€ข Grype - Image scanner
  • โ€ข Hadolint - Dockerfile linter
  • โ€ข Nuclei - DAST scanner

Manual Tool Installation

If the automatic installer doesn't work, install tools manually:

# macOS (Homebrew)
brew install trivy gitleaks syft grype hadolint nuclei

# Ubuntu/Debian
curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin

# Verify tools are available
codephreak doctor

Verify Installation

Run the doctor command to check all tools are properly installed:

$ codephreak doctor

CodePhreak Security Auditor - System Check

โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”ณโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”“
โ”ƒ Tool              โ”ƒ Status     โ”ƒ
โ”กโ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ•‡โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”โ”ฉ
โ”‚ semgrep           โ”‚ โœ“ v1.45.0  โ”‚
โ”‚ bandit            โ”‚ โœ“ v1.7.6   โ”‚
โ”‚ trivy             โ”‚ โœ“ v0.48.0  โ”‚
โ”‚ gitleaks          โ”‚ โœ“ v8.18.0  โ”‚
โ”‚ syft              โ”‚ โœ“ v0.98.0  โ”‚
โ”‚ grype             โ”‚ โœ“ v0.73.0  โ”‚
โ”‚ hadolint          โ”‚ โœ“ v2.12.0  โ”‚
โ”‚ prowler           โ”‚ โœ“ v5.0.0   โ”‚
โ”‚ nuclei            โ”‚ โœ“ v3.1.0   โ”‚
โ””โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”ดโ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”€โ”˜

โœ… All tools available

Troubleshooting

Tool not found

If a tool shows as missing, ensure it is in your PATH or install it manually using the commands above.

Permission denied

On Linux, you may need to run chmod +x install.sh before running the installer.

Python version error

CodePhreak requires Python 3.9+. Check your version with python --version.