
Tsun is a CLI-first Dynamic Application Security Testing (DAST) tool built on top of OWASP ZAP, designed for small SaaS teams that want real security scanning without enterprise overhead. It runs authenticated scans locally or in CI with predictable runtimes, sane defaults, and low noise — so engineers actually keep it enabled.

Key features:

- Authenticated scans (headers, cookies, login hooks)
- CI-friendly profiles with time and URL caps
- Baseline comparisons to show what changed
- JSON, HTML, and SARIF output (GitHub Code Scanning ready)
- Fully local execution — no SaaS account required

The core CLI is free and open-source. Pro adds baselines, deep scans, and workflow guardrails for teams that want cleaner CI and less noise.

Built by a security engineer for developers who want ZAP-level power without heavyweight platforms.