Skip to content

Instantly share code, notes, and snippets.

View ssrf.yml
rules:
- id: SSRF
message: |
Generic SSRF Java
metadata:
cwe: "CWE-X"
owasp: "A1: Injection"
severity: ERROR
patterns:
- pattern-either:
View crypto1.yml
rules:
- id: md5.crypto
message: |
Search for MD5
severity: ERROR
patterns:
- pattern-either:
- pattern-regex: 'MD5'
- pattern-regex: 'Md5'
- pattern-regex: 'md5'
View sql-3.yml
rules:
- id: sql.injection
message: |
SQL Injection.
metadata:
owasp: "A1: Injection"
severity: ERROR
patterns:
- pattern-either:
- pattern: | #executeQuery
View sql-2.yml
rules:
- id: sql.injection
message: |
SQL Injection.
metadata:
owasp: "A1: Injection"
severity: ERROR
patterns:
- pattern: | #executeQuery
$RETURN $METHOD(...,String $VAR, ...) {
View sql-1.yml
rules:
- id: sql.injection
message: |
SQL Injection.
metadata:
owasp: "A1: Injection"
severity: ERROR
patterns:
- pattern: $SQL = $X + $Y + $Z;
languages:
View crypto.yml
rules:
- id: crypto
message: |
Insecure Cryptographic Functions being Used. Please investigate further
severity: ERROR
patterns:
- pattern-either:
- pattern: | #Identify any parameter value being equated to Strings using equals method
$RETURN $METHOD(...,String $VAR, ...) {
...