SecureShip Pro — SQL Injection & Credential Leak Scanner

Ship Secure Code. Every Time. SecureShip Pro scans your entire codebase for the two most common security vulnerabilities that slip into production: SQL injection and hardcoded credentials. Two Scanners, One Command: secureship scan . --report audit.html SQL Scanner: Detects f-strings in queries, string concatenation in .execute(), template literals, dynamic table/column names — across Python, JavaScript, TypeScript, Java, Go, PHP, Ruby. Credential Scanner: Identifies hardcoded GitHub tokens, OpenAI keys, AWS access keys, Stripe live keys, Slack tokens, JWT tokens, weak/default passwords, and .env files not in .gitignore. Uses Shannon entropy analysis to catch unknown key formats. What You Get: Full Python source code, pip-installable, zero external dependencies, professional HTML security report with severity badges, color-coded findings, and actionable fix suggestions. CI/CD ready — exits with code 1 on findings for pipeline integration. All credentials are masked in reports. Perfect for: Solo developers shipping side projects, teams doing code review, CI/CD pipeline security gates, security-conscious open source maintainers.