by Cheyenne Sokkappa, on Jun 7, 2026 12:00:00 AM
When you're considering modernizing a legacy app, it can be hard to figure out where to even start.
At GAPVelocity AI, we see teams with legacy applications written anywhere from 10-30 years ago, and where the original developers have left with critical institutional knowledge of the app.
In a modernization project, teams commit to a timeline and a budget based on what someone thinks is in the codebase, then discovers six weeks in that there is more code than anyone remembered, frameworks nobody mentioned, and critical third-party libraries doing real work that nobody documented.
This is the problem we try to solve at GAPVelocity AI. We've built ByteInsight, our free application assessment tool that analyzes your legacy code. This blog is a deep dive into what ByteInsight actually does, what its output tells you about your application, and how we use it at GAPVelocity AI to give clients an honest picture to help plan out their modernization project.
Why Assess Your Legacy Code?
If you own a legacy application that is a candidate for modernization, you are almost certainly working with incomplete information. The original software engineers may be gone. The documentation is likely not fully up to date. The codebase has grown sideways for years through patches, integrations, and "temporary" workarounds that became load-bearing.
Before you can make a sound decision about modernizing, you need answers to some fairly basic questions that turn out to be surprisingly hard to answer by hand:
- How much code is actually here, and how much of it is real code versus blank lines, comments, and generated files?
- What languages and technologies are in play, and in what proportions?
- Are there hidden technologies you did not account for, such as embedded databases or third-party controls?
- What does the code depend on, and which framework versions are involved?
You can try to answer these with a few afternoons of serious elbow grease, but it can be a significant time consuming ordeal and critical risks will still fall through the cracks. A consistent, automated inventory removes the guesswork.
ByteInsight provides a comprehensive analysis to help you understand what is working behind the scenes on your legacy app AND help you plan out your modernization project based on all the different dependencies and complexities.
What ByteInsight Does
ByteInsight performs local, read-only source code inventory and metadata analysis so a team can size modernization work before committing to it. The design philosophy is deliberately narrow; it does a small set of things and does them securely.
Mechanically, it recursively walks a root folder you point it at, identifies file types and languages, and counts lines of code for the languages it recognizes. For unknown ASCII files it still gives you a line count, separating blank from non-blank lines, and treats unknown files over a certain size as binary.
ByteInsight runs as a standard local user process and does not require administrator rights. It needs read permission on the directories you scan and write permission on an output folder, and that is the full extent of its footprint.
It can run completely offline by default, producing its raw output locally without sending anything anywhere.
For teams with strict requirements, the recommended procedure is to drop the executable on an isolated machine with no outbound network, give it read-only access to a copy of the repo, and inspect the output files locally.
No client source code is ever uploaded or transmitted. When an internet connection is available, that is used to render a richer, more readable version of the results, not to exfiltrate code.
Language and Technology Coverage
ByteInsight recognizes the file types associated with a broad set of languages.
Coverage includes:
| Category | Technologies |
|---|---|
| Microsoft / .NET stack | Visual Basic 6.0, VB.NET, C#, ASP, ASP.NET, MS Access |
| Systems and desktop | C/C++, Delphi/Pascal, Clarion, PowerBuilder |
| Web and scripting | JavaScript, TypeScript, JSON, PHP, Python |
| Data and 4GL | SQL, Teradata BTEQ, Informix 4GL |
| Enterprise / JVM | Java |
| Markup | XAML, XML, HTML |
How Does the Assessment Output Help You?
Running the scan produces a set of local output files: a full files inventory, identified technologies, identified text, and supporting data, all in a format you can pull straight into Excel, Power BI, or Tableau if you want to slice it yourself.
The typical record for a file includes its full path, extension, inferred language, size in bytes, total lines of code with blank and non-blank breakdowns where applicable, and timestamps. That raw layer is deliberately tool-agnostic so your own analysts can work with it directly.
On top of the raw output sits the report, and the report is where the inventory turns into understanding. A few things it gives you are worth highlighting because they change decisions rather than just describing the code.
Early on, total line counts included blank lines, comments, and lines from non-code files, which inflated the number. The line-of-code logic now counts actual content lines, while the full report still breaks down every line type. This matters because modernization effort tracks the code that does something, and an honest content-line count is the number you want to estimate against.
It shows you the shape of the codebase. It detects framework versions. Automatic framework-version detection gives you a more concrete read on compatibility and the kind of issues you are likely to hit during a migration, before you hit them.
It lets you scope the noise out. Directory path exclusion means you can drop bin and obj folders, third-party libraries, and other irrelevant directories from the analysis so the numbers reflect the code you actually own and intend to modernize, not the dependencies that came along for the ride.
Taken together, the output answers the question every stakeholder is really asking in their own language: how big is this, what is it made of, and how hard is it going to be.
How we use ByteInsight at GAPVelocity AI
For us, an assessment is the front door to a modernization conversation. Before handing our clients a quote, we show them exactly what they are dealing with.
Four of the report's capabilities map straight to how we quote and advise:
We scope and price from the line-of-code count. Support effort follows a transparent rule: one hour per 10,000 lines of code, rounded up. VB6 pricing only shows under a defined LOC threshold, because beyond that the engagement is a different conversation, not an off-the-shelf number.
We set expectations on automation honestly. For certain technologies, the report shows what percentage an automated migrator is expected to cover and what stays manual.
We flag risk up front. The application risk assessment calls out compatibility issues that could affect a migration, so they land in the sales conversation instead of mid-delivery.
We keep it fully offline when needed. For sensitive code, a client runs ByteInsight in a no-network environment and shares only the raw output.
The Executive report and the Technical report
One of the more useful things about the current report is that it speaks to two audiences from the same scan. In the report, you can switch between the Executive and Technical reports. The underlying assessment is identical; what changes is how we frame the project.
The Technical Report
The technical report is the detailed view a developer or architect wants. The technical report:
- Breaks down estimated lines of code by type: actual code, designer code, HTML, JavaScript, comments, and blanks, so effort is measured against code that does something
- Inventories every C# solution and project, with the controls, libraries, and third-party controls each one uses
- Surfaces property-method-event (PME) data organized by solution and project
- Detects framework versions across the codebase to flag compatibility issues before they bite
- Counts files by extension and maps each to its technology
- Lets you exclude folders like bin, obj, and third-party libraries so the numbers reflect only the code you own
The Executive Report
The executive report reorganizes the same findings around the questions leadership actually asks.
The executive report provides:
- An executive summary of what the scan found and what it means
- A code-volume breakdown across core logic, UI, data access, and configuration, often the first time that split has been quantified
- Automation coverage so leadership sees how much of the migration can be automated with GAPVelocity AI tooling
- An application risk assessment that shows the risks your legacy application is currently facing (security vulnerabilities, old components)
- At the end you'll get estimated lines of code, and support hours, with a path to book a meeting to start your modernization project
If you're looking to size up a modernization and share it out with an executive stakeholder, this assessment is a perfect starting point.
Conclusion: Assess first, Then Decide
If you are thinking about modernizing a legacy application, or even just trying to figure out whether you should, an assessment is the right first move.
It is free, low commitment, and secure. It replaces a pile of assumptions with a defensible picture of what you actually have: lines of code, which technologies, which framework versions, and risks.
To learn more about ByteInsight, read the documentation here.
You do not have to commit to a modernization to run a ByteInsight assessment. Get the inventory, read both the executive and technical views, and let the real numbers shape the decision. A modernization that starts from a comprehensive assessment is a modernization that is far less likely to surprise you later, and that is the most valuable thing a first step can do.
