Collaborate Disseminate
Using SAST / SCA tools within the delivery pipelines is quite common these days; however, in the software my teams are building, the SAST tools that we’re using are very rarely finding even relatively important security gaps – for the most… Continue reading Is there evidence that using SAST / SCA brings positive ROI to software companies?
One of the key questions when investigating the security of software and libraries is what are the dangerous sinks? What functions are potentially dangerous, if called with untrusted data?
It would be helpful when auditing source code to h… Continue reading Is there a machine-readable way to document dangerous sinks in libraries?
When thinking about loops in programming languages, they often get simplified down to a conditions section and a body, but this belies the dizzying complexity that emerges when considering loop …read more Continue reading Misconceptions About Loops, or: Static Code Analysis is Hard
I’m working on a Go application where I’m using http.NewRequestWithContext to make outgoing requests. During a recent Veracode scan, I received an SSRF (Server-Side Request Forgery) flag for the following line:
req, err:= http.NewRequestWi… Continue reading Veracode SSRF Flag for http.NewRequestWithContext: Mitigating Risk in My Go Application
As you know, using machine learning we can detect malware.
We can use dynamic analysis based on WinAPI function calls and their arguments.
But what about static analysis using machine learning? In this case, we can parse Portable Executabl… Continue reading Static malware analysis using machine learning
What tools are necessary for static-analysis taint-based vulnerability detection? For example, being able to find/search source-sink paths through a tainted variable, flexibility to choose flow sensitive/insensitive analysis, etc.
I realiz… Continue reading Required features for taint-based vulnerability tools? [closed]
it is my first time with MobSF and Android APK assessment. I have found something while testing a specific APK and I am trying to understand the concept behind it:
Under HARDCODED_SECRETS in MobSF, was found a pair of KEY/SECRET related to… Continue reading MobSF Android Activity APK Pentest
I am working on testing multiple code review tools and what to know if there are any free vulnerable code projects that I can run my scanning tools against and compare the results of each tool. I am mostly aiming at projects using .NET/C# … Continue reading Vulnerable Projects to Test and Compare Code Review Tools [closed]
What is the official definition of code review or source code review?
Does it only mean that another developer reads the code after changes done by another developer?
or it can be done by an automated tool? like lgtm for example which is a… Continue reading What is code review? [closed]
I have the APK of an application and analyzed it using MobSF static analysis. It says the application talks with Firebase Database and provides a URL.
Obviously, the URL is not accessible.
I am new to this so trying to find tools from GitH… Continue reading How to Scan Firebase Database?