Levox
Offline, privacy-first PII detection for your codebase
Levox Overview
Levox is a CLI tool designed for offline, privacy-first PII (Personally Identifiable Information) and secret detection in your codebase. It scans locally using an enterprise-grade 7-stage pipeline without requiring code uploads. Levox supports multiple programming languages including Python, JavaScript/TypeScript, and Java. It is ideal for developers and security teams who need to ensure their code is free from sensitive data while maintaining privacy and compliance with regulations like GDPR. Levox provides actionable outputs in various formats such as summary, JSON, SARIF, or reports, making it easy to integrate into CI/CD pipelines.
Levox Screenshot
Levox Official screenshot of the tool interface
Levox Core Features
7-Stage Detection Pipeline
Levox employs a comprehensive 7-stage pipeline (Regex β AST β Context β Dataflow β CFG β ML β GDPR) to ensure precise and explainable results. This multi-layered approach enhances accuracy in detecting PII, secrets, and GDPR compliance issues.
Offline, Local Scanning
Levox runs entirely on your machine, ensuring your code never leaves your environment. This privacy-first approach is perfect for teams that prioritize data security and compliance.
Multi-Language Support
Levox supports Python, JavaScript/TypeScript, and Java, providing code-aware parsing to detect sensitive data effectively across different programming languages.
User Control & Privacy
Levox operates with no telemetry by default. Optional license and secret checks can be disabled, giving users full control over their scanning environment.
Actionable Outputs
Levox generates various output formats including summary/table for triage, JSON/SARIF for CI integration, and optional HTML/PDF reports for detailed analysis.
GDPR-Focused Checks
Levox highlights weak cryptography, missing export/deletion flows, risky third-party use, and retention gaps, ensuring compliance with GDPR regulations.
Levox Use Cases
Secure Development Workflow
Integrate Levox into your CI/CD pipeline to automatically scan for PII and secrets before code is merged, ensuring sensitive data is never accidentally committed.
GDPR Compliance
Use Levox to identify and mitigate GDPR compliance risks in your codebase, such as weak encryption or missing data deletion flows.
Enterprise Security Audits
Perform comprehensive security audits with Levox's 7-stage pipeline to detect and address vulnerabilities in large codebases across multiple languages.
How to Use Levox
Install the Levox CLI using pip: `pip install levox-cli`.
Activate your license (optional) by running `levox license --register YOUR_LICENSE_KEY`.
Scan your repository and print the results in JSON format using `levox scan --format json`.
Generate a SARIF report for CI integration with `levox scan --format sarif > results.sarif`.
Review the outputs and take necessary actions to secure your codebase based on the findings.