Rasmus Wriedt Larsen
|
e8e8d975e3
|
Python: Remove all usage of DataFlow2+TaintTracking2
(and any higher number as well)
|
2023-08-28 15:34:19 +02:00 |
|
Rasmus Wriedt Larsen
|
c665c21d83
|
Python: More style-guide renaming
Split it into multiple commits to make it easier to review.
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
996364d6ee
|
Python: Fix naming style guide violations
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
efec4e7ebf
|
Python: Add missing qldocs
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
98538d237e
|
Python: Autoformat
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
5ba8e102eb
|
Python: Adopt tests to new DataflowQueryTest
Since we want to know the _sinks_ and not just the flow, we need to
expose the config as well :|
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
6961ca5234
|
Python: Rename to EmailXss
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
ed0e441567
|
Python: Accept missing DataflowQueryTest implementation for now
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
6d4491e0a9
|
Python: Modernize WebAppConstantSecretKey
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
852b01c65d
|
Python: Move SmtpMessageConfig to new dataflow API
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
d5e2a30e5b
|
Python: Modernize py/azure-storage/unsafe-client-side-encryption-in-use a bit
To use consistent naming
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
bfcc194b85
|
Python: Move experimental paramiko to new dataflow API
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
acd0f2a8fb
|
Python: Move experimental LDAPInsecureAuth to new dataflow API
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
c6911c2ae0
|
Python: Move experimental UnicodeBypassValidation to new dataflow API
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
2c06394bf3
|
Python: Move experimental CookieInjection to new dataflow API
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
2c412707ab
|
Python: Move experimental CsvInjection to new dataflow API
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
ace1e23c21
|
Python: Move experimental ClientSuppliedIpUsedInSecurityCheck to new dataflow API
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
d948e103fa
|
Python: Move experimental HeaderInjection to new dataflow API
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
53e57dad5c
|
Python: Move experimental InsecureRandomness to new dataflow API
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
3bf2705668
|
Python: Move experimental TimingAttackAgainstHeaderValue to new dataflow API
|
2023-08-28 15:31:08 +02:00 |
|
Rasmus Wriedt Larsen
|
c88a0ccb7c
|
Python: Move experimental TimingAttackAgainstHash to new dataflow API
|
2023-08-28 15:31:07 +02:00 |
|
Rasmus Wriedt Larsen
|
a779547515
|
Python: Move experimental PossibleTimingAttackAgainstHash to new dataflow API
|
2023-08-28 15:31:07 +02:00 |
|
Rasmus Wriedt Larsen
|
8abd3430a2
|
Python: Move experimental TimingAttackAgainstSensitiveInfo to new dataflow API
|
2023-08-28 15:31:07 +02:00 |
|
Rasmus Wriedt Larsen
|
1a4e8d9464
|
Python: Move experimental PossibleTimingAttackAgainstSensitiveInfo to new dataflow API
|
2023-08-28 15:31:07 +02:00 |
|
Rasmus Wriedt Larsen
|
5fd3594f5f
|
Python: Move TimingAttack.qll to new dataflow API
|
2023-08-28 15:31:07 +02:00 |
|
Rasmus Wriedt Larsen
|
5d8329d9c8
|
Python: Move experimental ZipSlip to new dataflow API
|
2023-08-28 15:31:07 +02:00 |
|
Rasmus Wriedt Larsen
|
67cc3a3935
|
Python: Move experimental ReflectedXSS to new dataflow API
|
2023-08-28 15:31:07 +02:00 |
|
Rasmus Wriedt Larsen
|
a0d26741d0
|
Python: Move experimental TarSlipImprov to new dataflow API
|
2023-08-28 15:31:07 +02:00 |
|
Rasmus Wriedt Larsen
|
3cdd875e9f
|
Python: Move experimental UnsafeUnpack to new dataflow API
|
2023-08-28 15:31:07 +02:00 |
|
Rasmus Wriedt Larsen
|
3edb9d1011
|
Python: Move experimental TokenBuiltFromUUID to new dataflow API
|
2023-08-28 15:31:07 +02:00 |
|
Rasmus Wriedt Larsen
|
acde1920e7
|
Python: Move UntrustedDataToExternalAPI to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
657b1997cc
|
Python: Move FullServerSideRequestForgery and PartialServerSideRequestForgery to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
dbfe517555
|
Python: Move HardcodedCredentials to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
46322b717a
|
Python: Move XmlBomb to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
add1077532
|
Python: Move RegexInjection to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
c6caf83dfe
|
Python: Move PolynomialReDoS to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
4c336990e5
|
Python: Move XpathInjection to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
60e45335dd
|
Python: Move Xxe to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
4c76ca6127
|
Python: Move UrlRedirect to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
6f08e73dbc
|
Python: Move UnsafeDeserialization to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
dd074173d2
|
Python: Move WeakSensitiveDataHashing to new dataflow API
I adopted helper predicates to do the "heavy" lifting of .asPathNode1(), maybe I like this approach better... let me know what you think 😊
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
9d6b96dfd2
|
Python: Move CleartextStorage to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
70095446b6
|
Python: Move CleartextLogging to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
cca78f31ff
|
Python: Move PamAuthorization to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
dcd96083e8
|
Python: Move StackTraceExposure to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
f75e65c67d
|
Python: Move LogInjection to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
88cf9c99b0
|
Python: Move CodeInjection to new dataflow API
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
05573904a5
|
Python: Move LdapInjection to new dataflow API
We could have switched to a stateful config, but I tried to keep changes
as straight forward as possible.
|
2023-08-28 15:27:50 +02:00 |
|
Rasmus Wriedt Larsen
|
c360346e9e
|
Python: Move ReflectedXss to new dataflow API
|
2023-08-28 15:27:49 +02:00 |
|
Rasmus Wriedt Larsen
|
b30142c1d7
|
Python: Move CommandInjection to new dataflow API
|
2023-08-28 15:27:49 +02:00 |
|