# Install modsurfer with Homebrew

Validate, audit and investigate WebAssembly binaries. Version 0.0.10 via Homebrew; verified from local package data.

## Install

```sh
sudo av install brew:modsurfer
```

Additional install commands:

### macOS

- Homebrew (100%):

```sh
brew install modsurfer
```

  Evidence: local Homebrew formula metadata

## Package facts

- **Package key:** brew:modsurfer
- **Package manager:** Homebrew
- **Package manager page:** <https://formulae.brew.sh/formula/modsurfer>
- **Version:** 0.0.10
- **Source summary:** Validate, audit and investigate WebAssembly binaries
- **Homepage:** <https://dylibso.com/products/modsurfer/>
- **Repository:** <https://github.com/dylibso/modsurfer>
- **Upstream docs:** <https://dylibso.com/products/modsurfer>
- **License:** Apache-2.0
- **Source archive:** <https://github.com/dylibso/modsurfer/archive/refs/tags/v0.0.10.tar.gz>
- **Generated:** 2026-07-08T07:18:31+00:00

## Executables

- modsurfer (cli)
- modsurfer (alias)

## Build dependencies

- pkgconf
- rust

## Install behavior

- Post-install hook: not defined
- Bottle: available on arm64_linux, arm64_monterey, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, monterey, sonoma, ventura, x86_64_linux

## Freshness

- Page generated: 2026-07-08
- Package-manager version: 0.0.10
- Local data: ok
- Upstream repository: https://github.com/dylibso/modsurfer
- Upstream latest detected: v0.0.10 (current)
- info: No package-manager update timestamp was available.
## Project history and usage

Modsurfer is Dylibso's WebAssembly analysis and validation tool, released as part of the company's effort to make compiled `.wasm` modules easier to inspect, track, and govern. Dylibso introduced a beta version as a "system of record" for WebAssembly modules, aimed at teams running Wasm in infrastructure or debugging compiled modules that would otherwise be opaque binary artifacts.

### Project history

The CLI centers on checkfiles: users generate or write a YAML policy describing required module properties, then validate a compiled `.wasm` file against expectations such as imports, exports, WASI use, function signatures, binary size, and cyclomatic-complexity risk. The product page and README also describe GUI and service-oriented workflows for searching module metadata, browsing hashes and function names, auditing a stack of modules, and triaging issues in WebAssembly components.

### How it is used

In package-manager terms, the Homebrew formula exposes the `modsurfer` executable for local validation and investigation. It belongs to the WebAssembly supply-chain and operations niche rather than the compiler/runtime niche: it does not build Wasm modules, but helps teams understand and enforce properties of the modules they already build or consume.

### Sources

- <https://dylibso.com/blog/hello-world/>
- <https://dylibso.com/products/modsurfer/>
- <https://formulae.brew.sh/formula/modsurfer>
- <https://github.com/dylibso/modsurfer>
- <https://raw.githubusercontent.com/dylibso/modsurfer/main/README.md>


## Security Notes

narrow executable package without higher-risk signals.

- **Geiger risk:** green / low
- narrow executable package without higher-risk signals

## Source Database Details

- **Source Database:** Homebrew formula API
- **Tap:** homebrew/core
- **Full Name:** modsurfer
- **Version Scheme:** 0
- **Revision:** 0
- **Bottle Stable Root URL:** <https://ghcr.io/v2/homebrew/core>
- **Deprecated:** no
- **Disabled:** no
- **Keg Only:** no
- **URL Keys:** stable


## Related links

- [Terminal utility packages](https://www.automicvault.com/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata.
- [Networking and protocol packages](https://www.automicvault.com/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata.
- [Security and crypto packages](https://www.automicvault.com/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata.
- [Homebrew utility packages](https://www.automicvault.com/pkg/brew-utility-packages/) - Matched Homebrew package provider.
- [pkgconf](https://www.automicvault.com/pkg/brew/pkgconf/) - Build dependency declared by Homebrew.
- [rust](https://www.automicvault.com/pkg/brew/rust/) - Build dependency declared by Homebrew.
- [wassette](https://www.automicvault.com/pkg/brew/wassette/) - Shares av.db curated category or tags: cli, security, webassembly.
- [haiti](https://www.automicvault.com/pkg/brew/haiti/) - Shares av.db curated category or tags: analysis, cli, security.
- [bagel](https://www.automicvault.com/pkg/brew/bagel/) - Shares av.db curated category or tags: audit, cli, security.
- [execstack](https://www.automicvault.com/pkg/brew/execstack/) - Shares av.db curated category or tags: binary-analysis, cli, security.
- [pywhat](https://www.automicvault.com/pkg/brew/pywhat/) - Shares av.db curated category or tags: analysis, cli, security.
- [retdec](https://www.automicvault.com/pkg/brew/retdec/) - Shares av.db curated category or tags: binary-analysis, cli, security.
- [rizin](https://www.automicvault.com/pkg/brew/rizin/) - Shares av.db curated category or tags: binary-analysis, cli, security.
- [aide](https://www.automicvault.com/pkg/brew/aide/) - Shares av.db curated category or tags: cli, security.
- [redress](https://www.automicvault.com/pkg/brew/redress/) - Security-sensitive metadata or terminology overlaps. Shared terms: analysis, binaries, binary, binary-analysis, cli.

## Combined YAML source

View the package source record on GitHub. [combined/modsurfer.yml](https://github.com/automic-vault/db/blob/main/combined/modsurfer.yml)


## Sources

- Nucleus package database
- Geiger risk classifier
- package-page enrichment
- curated package history
- package version freshness
- av.db category and tag curation
- package relationship graph
- cross-ecosystem install command graph
