Skip to content
View VirtualSpaceGit's full-sized avatar
🏠
Working from home
🏠
Working from home
1 follower · 0 following

Block or report VirtualSpaceGit

Block user

Prevent this user from interacting with your repositories and sending you notifications. Learn more about blocking users.

You must be logged in to block users.

Maximum 250 characters. Please don’t include any personal information such as legal names or email addresses. Markdown is supported. This note will only be visible to you.
Report abuse

Contact GitHub support about this user’s behavior. Learn more about reporting abuse.

Report abuse
VirtualSpaceGit/README.md

Hi - I'm the developer behind VirtualSpace AppSec.

VirtualSpace AppSec is a downloadable secure code review tool for Windows that runs entirely on your own machine. It helps individual developers and small teams find and fix vulnerabilities in source code they own or are authorized to review, before that code ships to production. Nothing is uploaded - the only network call the product makes is a lightweight license check.

The product is operated by Verse, a Netherlands-registered business (KVK 88114171, BTW NL004542200B50).

How it works

  • On-device. SAST, heuristics, taint and data-flow analysis, and the bundled AI all run on the user's Windows machine.
  • Source code only. Analyzes C/C++, Python, JavaScript, and .NET projects. Does not analyze binaries, EXE/DLL files, or firmware.
  • Defensive only. Built to defend, not to attack. No exploit code, no payloads, no remote-execution capability.
  • Authorized use only. For reviewing code you own or have explicit, documented authorization to analyze.
  • One-time purchase. Term licenses expire; lifetime has no recurring fee. No subscriptions, no auto-renewal.
  • Direct-to-consumer. For individual developers, students, open-source maintainers, and small teams. No enterprise or reseller plans.

Findings are CWE-classified and mapped to OWASP Top 10 (2025), CWE/SANS Top 25, PCI DSS v4.0.1, NIST SP 800-218, and the OWASP LLM Top 10, with SARIF 2.1.0 export for the developer's own local CI workflow.

No automated security tool catches everything - findings are advisory and should be reviewed before action. VirtualSpace AppSec is not a QSA, not an ASV scan, and not a compliance certificate.

Official channels: virtualspacesec.com, this GitHub account, and X. The only official support channel is support@virtualspacesec.com. We do not operate sales or support on Discord, Telegram, WhatsApp, or YouTube.

Pinned Loading

  1. remapping-ntdll.dll remapping-ntdll.dll Public

    Defensive C++ demo: safe memory section mapping with a page-level integrity check against the loaded ntdll.dll.

    C++ 3 2

  2. virtualspace-appsec virtualspace-appsec Public

    Windows secure code review tool by Verse. SAST + on-device AI analysis for C/C++, Python, JavaScript, and .NET source projects you own or are authorized to review - runs entirely on your own machine.

    Python 1