Open johnsaigle opened 3 years ago
Added some Python function calls based on https://medium.com/swlh/hacking-python-applications-5d4cd541b3f1
Could add JS functionality and use well-known sources and sinks for DOM-based XSS, at minimum
https://portswigger.net/web-security/cross-site-scripting/dom-based, sources and sinks
UPDATE: added the sinks from the bottom of this page edefc67a08da094f71bd91e0c235f5df00cce69e
https://cwe.mitre.org/data/definitions/546.html --> more suspicious comment values to search for
Compare also with existing work from here: https://github.com/danielmiessler/SecLists/tree/master/Pattern-Matching
Some calls to dangerous C functions: https://github.com/joernio/joern/blob/master/querydb/src/main/scala/io/joern/scanners/c/DangerousFunctions.scala
Go unsafe functions: https://github.com/jlauinger/go-geiger
https://github.com/nbs-system/php-malware-finder/blob/master/php-malware-finder/php.yar
Extra PHP dangerous functions plus some other common tricks used by malware
e.g. https://btlr.dev/blog/how-to-find-vulnerabilities-in-code-bad-words