I've had my first :github: CodeQL query merged into the experimental section of the official CodeQL rules!
https://lnkd.in/dk_tTiQZ (and a "local" variant, https://lnkd.in/dP88QJwa).
Those are the query IDs java/command-line-injection-extra and java/command-line-injection-extra-local.
They spot something the existing :java: command injection query does, but in a way that's more robust to unusual code.
It’s an edge case, but one that was important to a customer.
#CodeQL #sast #java #commandinjection
Microsoft :microsoft: have an open job for a Security Program Manager for Open Source.
“Help us solve open source security challenges at scale, both for the company and the world. If you live at the intersection of open source, software engineering, security, and making things happen, please take a look… [It] is US-based, but…up to 100% remote”
https://jobs.careers.microsoft.com/global/en/job/1575779/Senior-Security-Program-Manager
#jobs #sdlc #appsec #opensource #OpenSSF #security #CodeQL
About CodeQL — CodeQL https://codeql.github.com/docs/codeql-overview/about-codeql/ #vulnerability #developer #analysis #security #database #variant #codeql #engine #source #check #error #code #data #bug
:github: is looking for #Swift #opensource projects to try out the upcoming Swift support in #GitHub code scanning.
Sign up here:
https://github.com/github/codeql/discussions/12522
You’ll be able to get access to the new CodeQL-powered static source code analysis before it ships to everyone else.
#SwiftLang #IOSdev #SAST #SecureCoding #DevSecOps #CodeQL #BetaTesting #PrivateBeta #MobileDev
#CodeQL zero to hero part 1: the fundamentals of static analysis for vulnerability research https://github.blog/2023-03-31-codeql-zero-to-hero-part-1-the-fundamentals-of-static-analysis-for-vulnerability-research/
I open sourced a tool to create lists of repos to run GitHub CodeQL’s Multi-Repository Variant Analysis on, using a keyword search on GitHub.
It's a Bash script you can trigger with a VSCode build task. It uses the GitHub API (via the GitHub CLI) to fill a list in the VSCode settings.
It’s a stopgap before this sort of feature makes it into the product.
https://github.com/advanced-security/mrva-code-search
#MRVA #VariantAnalysis #CodeQL #GitHub #VSCode #BuildTask #SAST #VulnerabilityResearch
You can now run a single static analysis query across thousands of repos on GitHub using CodeQL's MRVA (Multi-repo Variant Analysis).
That's great both for security research and rapidly auditing exposure to a single vuln or weakness for security teams.
It works from the CodeQL extension for VSCode, with open source public repos & private repos where CodeQL Code Scanning is enabled.
#GitHub #SecurityResearch #VulnerabilityResearch #CodeQL #VariantAnalysis #MRVA #SAST
Simultaneously loving and hating #CodeQL. Just as I'm starting to get the hang of #github, github goes and does a #holdmybeer on me. Great tool, just a steep learning curve getting it working with manually built binaries.
In case a data flow is broken 💔 between the src & the sink, please consider debugging the #CodeQL query using partial paths. A very high ROI article by @geekmasher https://geekmasher.dev/sast/codeql/22-12-10--codeql-partical-paths/?utm_source=pocket_mylist
CodeQL path graphs are a useful aid in program understanding. In the following blog I discuss how they work and how you can create your own. https://mechanicalsympathy.nl/posts/codeql-path-graphs/ #codeql #securityresearch #codereview
https://blog.doyensec.com//2022/10/06/semgrep-codeql.html
#CodeQL This blog post from October 2022 compares open source Semgrep https://github.com/returntocorp/semgrep with CodeQL https://codeql.github.com/
It's now easier to get set up with CodeQL code security analysis on GitHub :github: (which is free for public repos).
For Python :python:, JavaScript :javascript:, TypeScript :typescript: and Ruby :ruby: there's now a quick "default setup" that gets you started without creating an Actions workflow file.
#github #sast #CodeQL #python #javascript #ruby
(Posting this as a reminder to self) #CodeQL looks like a fun project to follow along with on my next off-day https://frycos.github.io/vulns4free/2022/12/02/rce-in-20-minutes.html
An article from the Frycos security diary using CodeQL to look at pgAdmin, which apparently can be run in a server mode.
Another fun #vulnerability #research writeup by @frycos
Pre-Auth RCE with #CodeQL in Under 20 Minutes
https://frycos.github.io/vulns4free/2022/12/02/rce-in-20-minutes.html
#vulnerability #research #CodeQL
I wrote a blogpost on how you can benefit from using CodeQL during a security code review and how CodeQL can benefit from the things you learn. Let me know what you think.
https://mechanicalsympathy.nl/posts/security-code-reviewing-with-codeql/
#applicationsecurity #CodeQL #codereview
Using CodeQL to do a security audit on a Node.js + GraphQL project, by @LiveOverflow
▶️ CodeQL, a code analysis engine developed by GitHub to automate security checks
#CodeQL #appsec #websec #infosec