SoftifyBase Security
SoftifyBase Vulnerability Scanner
Where to find your SoftifyBase API URL:
- Go to studio.softifybase.com
- Select your project
- Your API URL is shown in the dashboard
Format: https://api.yourdomain.com
+ Add anon key (optional, for deeper testing) [?] Where to find your anon key:
- Go to studio.softifybase.com
- Select your project
- Click API Settings
- Copy anon public key
Starts with: eyJhbGciOiJIUzI1...
This key is safe to use - it's public
Where to find your anon key:
- Go to studio.softifybase.com
- Select your project
- Click API Settings
- Copy anon public key
Starts with: eyJhbGciOiJIUzI1...
This key is safe to use - it's public
[!] Only test projects you own or have explicit authorization to test
AI-assisted development can miss security holes. Test your SoftifyBase projects with 280+ attack vectors across 9 categories. Know your security posture.
9 Attack Categories. 280+ Attack Vectors.
Comprehensive coverage of every SoftifyBase attack surface. Each category contains multiple attack vectors tested against real vulnerabilities.
No Security
RLS Disabled
Bad RLS
USING (true)
Business Logic
Price & IDOR
Vibecoder
AI Mistakes
Injection
SQL & XSS
GraphQL/Vault
Secrets
Auth/Tenant
Multi-tenant
Database
Deep Access
AI/Realtime
ML & WS
Backup/Logs
Operations
Active Breach Testing
Actually attempts to exploit your SoftifyBase instance with real attack vectors. No guessing - real proof of vulnerabilities.
Ralph Wiggum Loop
"I'm in danger!" - Persistent iteration until every vulnerability is found. Keeps attacking until the attack surface is fully mapped.
Fix Verification
After you apply fixes, re-runs all attacks to confirm they're actually resolved. No more "trust me, it's fixed."
[!] For Authorized Testing Only
Only test projects you own or have explicit permission to test. This scanner performs real attacks that could affect data. Use responsibly.