hohn/codeql-intro-csharp
1
0
Fork 0
mirror of https://github.com/hohn/codeql-intro-csharp.git synced 2025-12-17 03:03:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

Update README

Browse Source
This commit is contained in:
Michael Hohn
2024-12-03 14:38:37 -08:00
committed by =Michael Hohn
parent 2682141712
commit 1d483db5a9
1 changed files with 8 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
README.org
View File

@@ -1,29 +1,10 @@
* TODO Introduction to CodeQL * NEXT Introduction to CodeQL
1. [ ] describe the system using diagrams as reference point, with details from The full CodeQL and GHAS integration is shown [[https://htmlpreview.github.io/?https://github.com/hohn/codeql-intro-csharp/blob/mh-wip/codeql-system.drawio.svg][here]]. This document is intended
existing docs to support CodeQL workshops and presentations; it focuses on the the section
- https://github.com/hohn/codeql-visual-guides/blob/master/codeql-system.drawio.pdf, labeled 'CodeQL Running Sequence', in grids C2 through E5.
~/work-gh/codeql-visual-guides/
2. Update https://github.com/hohn/codeql-cli-end-to-end The section 'CodeQL query development sequence, using CI artifacts', in grids H0
- [ ] Send setup instructions for windows / linux -- for the laptops, not through J4, is a subset without database building.
VMs or Docker.
- old:
https://github.com/advanced-security/codeql-workshops-staging/blob/master/java/workshop-java-mismatched-loop-condition.md#setup-instructions
- better:
https://github.com/ps-resources/codeql-partner-training/blob/39bc5e8d84a8f0dd1698d9cdcc59eed98fa691b9/preparation-materials/setup-instructions.md#codeql-workshop-preparation-instructions
- ~/local/codeql-operational-view/operational-view.pdf
- [ ] windows version -- to be written.
- [ ] Suggest variant analysis for log4j etc.
- [ ] Tools:
- octopuss deploy
- progit for package management -- anito.
- Actions for building
- [ ]
3. https://github.com/hohn/codeql-workshop-sql-injection-java
- [ ] version for C#
* TODO CodeQL overview * TODO CodeQL overview
- /Users/hohn/local/codeql-dataflow-sql-injection/CodeQL-workshop-overview-only.pdf - /Users/hohn/local/codeql-dataflow-sql-injection/CodeQL-workshop-overview-only.pdf
@@ -147,8 +128,7 @@
#+END_SRC #+END_SRC
* NEXT Build CodeQL Database
* TODO Build CodeQL Database
To get started, build the codeql database (adjust paths to your setup). To get started, build the codeql database (adjust paths to your setup).
The bash version The bash version
@@ -168,7 +148,7 @@
# Successfully created database at /Users/hohn/work-gh/codeql-intro-csharp/csharp-sqli-c89fbf8. # Successfully created database at /Users/hohn/work-gh/codeql-intro-csharp/csharp-sqli-c89fbf8.
#+END_SRC #+END_SRC
* TODO Run analysis using given script and database * NEXT Run analysis using given script and database
The bash version The bash version
#+BEGIN_SRC sh #+BEGIN_SRC sh
@@ -221,7 +201,6 @@
SqliDemo/Injectable.cs:47: SqliDemo/Injectable.cs:47:
#+END_SRC #+END_SRC
* TODO Optional: Multiple Builds * TODO Optional: Multiple Builds
#+BEGIN_SRC sh #+BEGIN_SRC sh