
Semmle / SecurityQueries

Licence: Apache-2.0 license

Security queries

This repository is a place to store and share customized security queries and libraries. It contains queries from LGTM blog posts as well as project-specific libraries. If you find it useful and would like to share some cool queries that you wrote for finding vulnerabilities in open source projects, or if you would like to help us improve the project-specific QL libraries, please feel free to contribute and create a PR!

These queries should be used with the free QL for Eclipse plugin. To run them on an open source project that is available on LGTM, follow the first two steps in Basic Usage to obtain and import the project snapshot. Then go to the specific .ql file in this repository that contains the query, import the parent project into Eclipse, open and select the file, and press Ctrl+R. The README files in this repository also link to snapshots for specific versions of certain projects.

Using the Path Explorer

Many queries in this repository make use of the Taint-Tracking library in QL, which allows you to visualize the code path that goes from a tainted source to a dangerous sink. To enable this, click Window on the Eclipse menu bar, then click Show View > Other... > Semmle > Path Explorer to display the Path Explorer window. This will show you the tainted path when you click on a query result.
