Hunt the Dead Code. Expose the Zombies.
An AI-powered forensic scanner that surgically detects dead code, zombie dependencies, and unused imports in Python repositories.
Features • Demo • Installation • Usage • How It Works • Contributing
DeadHunt is a sophisticated static analysis tool that combines AST parsing, dependency analysis, and AI-powered reasoning to identify dead code and zombie dependencies in Python projects. Unlike traditional linters, DeadHunt understands framework patterns (Django, Flask, FastAPI) and reduces false positives through intelligent context analysis.
- 🔍 Framework-Aware: Recognizes Django models, Flask routes, FastAPI endpoints, and other framework patterns
- 🧠 AI-Powered Analysis: Uses LLM reasoning to distinguish real dead code from framework-invoked code
- 📊 Comprehensive Reports: Beautiful, interactive HTML reports with actionable insights
- 🚀 Zero Configuration: Just paste a GitHub URL and scan
- 🎨 Modern UI: Cyberpunk-inspired terminal interface with real-time progress
- Identifies unused functions, classes, variables, and imports
- AST-based analysis with cross-file reference tracking
- Framework-specific whitelisting to avoid false positives
- Confidence scoring for each finding
- Compares declared dependencies vs. actual imports
- Detects packages installed but never used
- Identifies bloated
requirements.txtfiles - Suggests safe removal candidates
- Executive summary with health score
- Risk-categorized findings (High/Medium/Low)
- Actionable recommendations for each issue
- PDF export and markdown copy functionality
- Interactive table of contents with scroll spy
- Cyberpunk-themed terminal UI
- Real-time scan progress
- Animated particles and scanline effects
- Responsive design for mobile and desktop
┌─────────────────────────────────────────┐
│ 💀 DeadHunt │
│ Hunt The Dead Code. │
│ │
│ ❯ https://github.com/user/repo │
│ [SCAN] │
└─────────────────────────────────────────┘
- Health Score: Visual ring chart showing codebase health (0-100)
- Finding Cards: Color-coded cards with verdict badges
- Sidebar TOC: Auto-generated navigation with active section highlighting
- Export Options: PDF download and raw markdown copy
- Python 3.8 or higher
- Git
- pip
-
Clone the repository
git clone https://github.com/indiser/DeadHunt.git cd DeadHunt -
Install dependencies
pip install -r requirements.txt
-
Set up environment variables
# Create a .env file with your API keys cp .env.example .envAdd your API keys to
.env:GEMINI_API_KEY=your_gemini_api_key_here OPENROUTER_API_KEY=your_openrouter_key_here GROQ_API_KEY=your_groq_key_here CEREBRAS_API_KEY=your_cerebras_key_here
-
Run the application
python app.py
-
Open your browser
Navigate to http://localhost:5000
- Open DeadHunt in your browser
- Paste a GitHub repository URL (e.g.,
https://github.com/user/repo) - Click SCAN
- Wait for analysis to complete (typically 30-90 seconds)
- Review the forensic report with findings and recommendations
from enginex import analyze_repo
# Analyze a repository
report = analyze_repo("https://github.com/user/repo")
print(report)Repository → Shallow Clone → AST Parsing → Framework Detection
- Clones the target repository (depth=1 for speed)
- Parses all Python files into Abstract Syntax Trees
- Detects framework architecture (Django/Flask/FastAPI/Generic)
AST → Vulture Scanner → Cross-File References → Confidence Scoring
- Uses Vulture for dead code detection
- Performs cross-file reference analysis
- Applies framework-specific whitelists
- Assigns confidence scores (60-100%)
requirements.txt → Import Extraction → Diff Analysis → Zombie Detection
- Generates actual imports using
pipreqsor manual AST scan - Compares declared vs. actual dependencies
- Identifies unused packages
Findings → LLM Analysis → Verdict Assignment → Risk Categorization
- Sends findings to AI model (Gemini/OpenRouter/Groq/Cerebras)
- Applies framework pattern recognition
- Distinguishes false positives from real issues
- Generates actionable recommendations
DeadHunt/
├── app.py # Flask application & routing
├── enginex.py # Core analysis engine
├── deadhunt_router.py # Multi-provider LLM failover
├── templates/
│ ├── index.html # Landing page
│ └── report.html # Analysis report UI
├── .env # API keys (not committed)
└── README.md # This file
- app.py: Flask web server, handles routing and report rendering
- enginex.py: Core scanning logic, AST parsing, Vulture integration, LLM communication
- index.html: Cyberpunk-themed landing page with terminal input
- report.html: Interactive forensic report with markdown rendering
DeadHunt intelligently handles framework-specific patterns:
Contributions are welcome! Here's how you can help:
- Fork the repository
- Create a feature branch (
git checkout -b feature/amazing-feature) - Commit your changes (
git commit -m 'Add amazing feature') - Push to the branch (
git push origin feature/amazing-feature) - Open a Pull Request
# Install dev dependencies
pip install -r requirements-dev.txt
# Run tests
pytest tests/
# Format code
black .
# Lint
flake8 .- Support for JavaScript/TypeScript repositories
- GitHub Actions integration
- CLI tool for CI/CD pipelines
- VS Code extension
- Batch scanning for multiple repositories
- Historical trend analysis
- Custom rule configuration
- Python 2 Support: Limited AST parsing for Python 2 codebases
- Dynamic Imports: Cannot detect runtime imports via
importliborexec() - Reflection Patterns: May flag metaprogramming patterns as dead code
- Private Repositories: Requires public GitHub URLs (or manual cloning)
This project is licensed under the MIT License - see the LICENSE file for details.
- Vulture - Dead code detection
- Marked.js - Markdown parsing
- Highlight.js - Syntax highlighting
- Google Gemini - AI-powered analysis
- Flask - Web framework
Project Maintainer: Indiser
- GitHub: indiser
- Email: indiser01@gmail.com
Built with 💀 by developers, for developers