Corgea Malware Scanning is a static analysis tool that scans source code repositories for malicious code, backdoors, logic bombs, and other hidden threats. The tool performs deep static analysis and heuristic pattern-matching to identify over 15 critical CWEs, including embedded malicious code (CWE-506) and authentication bypass vulnerabilities (CWE-288). The scanner operates at the source code level without requiring compiled binaries. It supports polyglot projects across more than 20 programming languages including Go, Python, JavaScript, C/C++, and Java, parsing native syntax to detect stealthy payloads in each language. Corgea integrates into CI/CD pipelines and pull-request workflows to automatically block commits that introduce suspicious code. The tool provides line-level evidence and explanations to help developers identify and remediate issues before code reaches production. Users can upload any repository, whether proprietary or open-source, for scanning. The tool is designed to fit into existing development workflows and can be enabled quickly within development environments.