InfraScan is an open-source infrastructure auditor that scans your GitHub repository for AWS cost antipatterns, IaC security issues, and container vulnerabilities. It requires no cloud credentials - just paste your repo URL. InfraScan detects oversized resources, open ports, risky IAM policies, unencrypted storage, and misconfigurations before deployment, helping teams reduce costs and prevent security risks early in the development lifecycle.

Wispr Flow: Dictation That Works Everywhere — Stop typing. Start speaking. 4x faster.

Stop typing. Start speaking. 4x faster.

👋 Hi Product Hunt! We built InfraScan to help teams catch infrastructure problems before they reach production. 🔍 Scan your GitHub repo 💸 Detect AWS cost antipatterns 🛡️ Find security risks in IaC & containers ⚡ No cloud credentials required InfraScan is open-source and built by the SolDevelo Cloud Engineering Team. We’d love your feedback, ideas, and feature requests - this is just first version and we’re actively developing it!

NEW UPDATE: InfraScan v1.0.4 is out! 🚀

Hi Product Hunt family! 👋 Since our launch, we’ve been listening to your feedback and building hard to make InfraScan the best auditor for your cloud.

v1.0.4 is a leap in transparency and reliability:

📊 PIPELINE VISIBILITY: No more artifact hunting! InfraScan now prints a full, beautiful findings summary directly in your CI/CD terminal logs, even when saving HTML reports. Total results at a glance! ⚡

🐳 ZERO-CONFIG CONTAINER SCANS: We’ve implemented a smart fallback system. If Docker Scout isn't configured, InfraScan automatically switches to GRYPE. It ensures you ALWAYS get security results without any extra setup. 🛡️

☁️ CLOUD-NATIVE READY: Added automatic Amazon ECR authentication and full support for environment variables in docker-compose.yml image names (e.g., v${TAG:-latest}). ☁️

🌐 BETTER WEB EXPERIENCE: We’ve fixed the "413 Request Entity Too Large" errors for massive reports and improved accessibility for better navigation.

Everything is unified into one powerful Docker image for both Web UI and CLI. Still 100% open-source! ⭐️

Try it out:

docker run --rm -v $(pwd):/scan soldevelo/infrascan:latest

What should we build next?