search

hex0punk / wally

Function callpath mapping analysis tool for Go
Mozilla Public License 2.0
28 stars 0 forks source link

Update README.md #48

Closed hex0punk closed 4 months ago

dryrunsecurity[bot] commented 4 months ago

Hi there :wave:, @dryrunsecurity here, below is a summary of our analysis and findings.

DryRun Security Status Findings
Configured Codepaths Analyzer :white_check_mark: 0 findings
IDOR Analyzer :white_check_mark: 0 findings
Secrets Analyzer :white_check_mark: 0 findings
Server-Side Request Forgery Analyzer :white_check_mark: 0 findings
Authn/Authz Analyzer :white_check_mark: 0 findings
Sensitive Files Analyzer :white_check_mark: 0 findings
SQL Injection Analyzer :white_check_mark: 0 findings

[!Note] :green_circle: Risk threshold not exceeded.

Change Summary (click to expand) The following is a summary of changes in this pull request made by me, your security buddy :robot:. Note that this summary is auto-generated and not meant to be a definitive list of security issues but rather a helpful summary from a security perspective. **Summary:** The changes made in this pull request update the README.md file for the Wally application security tool. The key updates include: 1. Enhancing the section on "Using Wally in Fuzzing Efforts to Determine Fault Tolerance of Call Paths" by adding a link to a detailed explanation of how Wally can be used to determine the fault tolerance of call paths. This feature is particularly useful for security analysts and engineers when planning and executing fuzzing efforts, as it allows them to focus on the more critical, non-recoverable paths. 2. Providing more details on the command-line options for running Wally in "single function search mode" in the "Analyzing individual paths" section. This update gives users more granular control over the Wally analysis, allowing them to target specific functions and packages of interest, which can be helpful when dealing with large and complex codebases. These changes enhance the utility of the Wally tool for application security use cases, particularly around understanding the attack surface and fault tolerance of the codebase being analyzed. **Files Changed:** - `README.md`: The README.md file has been updated to improve the documentation for the Wally application security tool. The key changes include: - Enhancing the section on "Using Wally in Fuzzing Efforts to Determine Fault Tolerance of Call Paths" by adding a link to a detailed explanation of how Wally can be used to determine the fault tolerance of call paths. - Providing more details on the command-line options for running Wally in "single function search mode" in the "Analyzing individual paths" section.

Powered by DryRun Security