██████╗███████╗██████╗ ████████╗ ██╗ ██╗ ██████╗ ███████╗███╗ ██╗ ██╔════╝██╔════╝██╔══██╗╚══██╔══╝ ╚██╗██╔╝ ██╔════╝ ██╔════╝████╗ ██║ ██║ █████╗ ██████╔╝ ██║ █████╗ ╚███╔╝█████╗██║ ███╗█████╗ ██╔██╗ ██║ ██║ ██╔══╝ ██╔══██╗ ██║ ╚════╝ ██╔██╗╚════╝██║ ██║██╔══╝ ██║╚██╗██║ ╚██████╗███████╗██║ ██║ ██║ ██╔╝ ██╗ ╚██████╔╝███████╗██║ ╚████║ ╚═════╝╚══════╝╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═╝ ╚═════╝ ╚══════╝╚═╝ ╚═══╝
Polyglot Security Scanner • Open Source • Built with Rust
CERT-X-GEN is a polyglot execution engine: templates in 12 languages, parallel runs, three-tier sandboxing, and AI-powered template generation.
Breaking
Most exploit-based vulnerability scanners accept YAML templates as input, but why limit ourselves to YAML when multi-step exploitation logic is often easier (and more efficient) to implement in real programming languages? That's why we created the Cert-X-Gen CLI.
Cert-X-Gen is a simple CLI tool that lets you write templates in 12 languages: YAML, Python, Java, Go, PHP, Shell, JavaScript, Ruby, Perl, C, C++, and Rust. This gives you more flexible ways to add your favorite templates, and you can also use the CXG CLI's built-in AI capabilities to generate templates on the go.
Open to the community. Happy hacking!
Solution
Introducing CERT-X-GEN — the first polyglot vulnerability scanner that executes detection logic as real code across 12 languages. Instead of being locked into rule syntax, security teams can write checks with the full expressiveness of Python, Go, Rust, JavaScript, C/C++, Java, and more.
Security detection, re-engineered.
Write templates in 12 languages
AI-Powered
CXG's built-in AI generates detection templates from natural language prompts. Choose your language, pick your LLM provider, and get validated, ready-to-run security checks — no manual coding required.
Ollama runs locally with no API key. Works fully air-gapped and offline.
MCP Server
CXG ships with a built-in MCP server that exposes 12 security tools to any AI agent. One command installs it into your IDE — Claude Desktop, Claude Code, Cursor, Windsurf, VS Code, or Zed.
cxg_scanRun security scans against targetscxg_ai_generateGenerate templates from natural languagecxg_searchSearch templates by query and filterscxg_template_listList available templatescxg_template_infoGet detailed template informationcxg_template_createScaffold a new templatecxg_template_writeValidate and save a templatecxg_template_testTest a template against a targetcxg_template_validateValidate template syntaxcxg_template_statsGet collection statisticscxg_template_updatePull latest templatescxg_template_get_notesGet AI generation guide8 commands. Parallel execution. Real-time findings with severity classification.
Install the CLI, pull the latest templates, then run your first scan. No config required to start.
Choose your install method
brew tap bugb-technologies/cxg && brew install cxgcurl -fsSL https://raw.githubusercontent.com/Bugb-Technologies/cert-x-gen/main/install.sh | bashcargo install --git https://github.com/Bugb-Technologies/cert-x-gen.gitThen run your first scan
cxg template update && cxg scan --scope example.comTemplates download automatically on first run. Use --scope with a host, file, or CIDR.