living model · recorded discovery, replayed
case opened · controlled payments specimen

Understand.Investigate.Verify.

— before users depend on it.

Sensyscope builds a working model of your application, asks the questions a security engineer would ask, and answers them with evidence. What it cannot prove, it tells you.

Current offer: a bounded review with findings and explicit gaps. Not a pentest, certification, deployment approval, comprehensive review, or safety guarantee.

the case, performed ↓
controlled internal case · not customer work

Can a user create money they don't have?

api/credits.ts:141amount is read from the request body
counter — api/credits.ts:149 server recomputes the amount from the price table
probe — POST /credits {amount: 9999} → ledger wrote 20.00, the priced value
H1client-supplied amount reaches the ledgercase: rejected

In this controlled case, the tested money-creation paths did not open. Case bounded.

3 hypotheses resolved · 8 recorded probes · internal specimen

replayed from CASE-003 — read the full file below

Scanners look for what they already know.

Your AI wrote 14,000 lines last week. The code works, the demo is beautiful, and nobody can say, with evidence, what happens when someone hostile shows up. That is not a tooling gap. It is a proof gap.

They match patterns, not intent.

A scanner sees a string that looks like a secret. It cannot tell you whether the secret was ever real, whether it reached production, or whether the code path that touches it is even reachable.

They produce lists, not answers.

A thousand findings without weight, without context, without a verdict. The reader is asked to become the investigator. Most stop reading at page two.

They speak in confidence they have not earned.

A finding is marked critical because a rule said so, not because someone walked the reasoning, looked for the counter-example, and could not find one.

Understand the software.
Then reach a verdict.

The pipeline is not a diagram. It is a ledger. Every stage adds something a reader can go back and check. Your scroll drives the descent.

  1. 01Understand

    Map the observable application structure, high-risk surfaces, and trust boundaries.

  2. 02Question

    Turn the model into bounded, testable security questions — not a generic checklist.

  3. 03Examine

    Seek evidence, counter-evidence, and missing evidence in the code, config, and recorded probes.

  4. 04Verdict

    Issue a bounded conclusion with denominators and the full record of what remains unknown.

A living picture
of your application.

As the engine reads a repository, it grows a picture of what the application is. Components become nodes. Relationships become edges. Unknown territory stays grey and says so. Witnessed paths in this controlled replay take the seal’s color.

living model · recorded discovery, replayed
witnessedunderstoodunknownconfirmed
nodes 44 · edges 45 · every mark = something the engine saw

The primary object
is not a report.

A case file is the record of a single investigation — a legal brief crossed with a scientific paper. This is CASE-003, the one replayed above, in full.

case_fileCASE-003controlled case
controlled internal specimen · not customer work · not independent validation
The question

Can a user create money they don't have?

case
CASE-003
opened
today · 14:02
scope
payments · ledger writes

What we could not prove, in writing.

A bounded review should state what was checked, partially checked, left unchecked, and what the current system lacks the capability to establish. An unknown is not a failure. Hiding it would be.

honesty ledger — acme-checkout12/14 surfaces checked
checkedAuthentication & sessions9/9 routes
checkedPayment write paths3/3 paths
checkedTenant isolation11/11 tables
partiallyRate limiting4/7 endpoints
uncheckedAdmin console (added Tuesday)ranked #1 next
capability missingNative mobile clienton the roadmap
Journal

Engineering research, verification philosophy, and development notes will be published here as Sensyscope evolves. Nothing backdated, nothing ghostwritten.

Visit the journal →

Earned,
not given.

The mark is a register: four slices that align when a bounded case reaches its recorded conclusion. This interaction replays the controlled internal CASE-003 specimen above; it is not customer work, independent validation, or a claim that an application is safe.

hold the mark to bring it into register

Not ready yet?
Follow the build.

Occasional notes on what Sensyscope is building and learning. No product claims, no spam, one click to leave.

follow_the_build