hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-18 01:33:15 +01:00
Code Issues Packages Projects Releases Wiki Activity
82,577 Commits 1,671 Branches 157 Tags
testing-power-shell-on-dca
Commit Graph

147 Commits

Author SHA1 Message Date
Mathias Vorreiter Pedersen
e96e464855 PS: Accept test changes. 2025-08-11 14:22:19 +01:00
Mathias Vorreiter Pedersen
ffc53d7764 PS: Accept test changes. 2025-07-24 20:03:59 +01:00
Mathias Vorreiter Pedersen
71fec26542 PS: Lower case all parameter types. 2025-07-24 18:07:59 +01:00
Mathias Vorreiter Pedersen
f9c3bde6d5 PS: Fix false positive by adding a type-based sanitizer. 2025-07-24 18:06:06 +01:00
Mathias Vorreiter Pedersen
e7956301a4 PS: Add false positive. 2025-07-24 18:00:49 +01:00
Mathias Vorreiter Pedersen
7991eb4919 PS: Accept test changes. 2025-07-24 00:16:20 +01:00
Chanel Young
4e0ea04d3b add query, tests 2025-07-23 11:16:11 -07:00
Chanel
d78280ea0f Merge branch 'main' into powershell-unsafe-deserialization 2025-07-22 10:07:10 -07:00
Chanel Young
1149d33691 updated .expected test file 2025-07-17 13:19:07 -07:00
Mathias Vorreiter Pedersen
b72af27e81 PS: Add tests showing that there is no flow starting at environment variables, but we still have flow through them. 2025-07-17 20:05:21 +01:00
Mathias Vorreiter Pedersen
a95f3b3f47 PS: Accept test changes. 2025-07-17 19:01:09 +01:00
Mathias Vorreiter Pedersen
2541bcdf5e PS: Add test cases. 2025-07-17 18:59:19 +01:00
Chanel Young
cb8496bbfe added queries, tests, docs 2025-07-16 14:27:23 -07:00
Mathias Vorreiter Pedersen
72af800101 PS: Accept test changes. 2025-07-16 14:33:02 +01:00
Mathias Vorreiter Pedersen
670ad745ca PS: Add false negative. 2025-07-16 14:32:42 +01:00
Mathias Vorreiter Pedersen
5f07641bd3 PS: Fix false positive by fixing the 'getCommand' predicates in 'CallOperatorCfgNode' and 'CallOperator'. Also fix 'DotSourcingOperator::getPath' while here. 2025-07-16 14:31:51 +01:00
Mathias Vorreiter Pedersen
75d37dcead PS: Add false positive. 2025-07-16 13:46:44 +01:00
Mathias Vorreiter Pedersen
d1988774a3 PS: Add more flow sources and accept test changes. 2025-07-09 12:22:33 +01:00
Mathias Vorreiter Pedersen
1816356515 PS: Add test with missing remote flow. 2025-07-09 12:20:41 +01:00
Mathias Vorreiter Pedersen
3101cc81e6 Merge pull request #253 from microsoft/add-set-execution-policy-bypass-query 
PS: Add query for insecure uses of `Set-ExecutionPolicy`
 2025-07-07 19:33:06 +01:00
Mathias Vorreiter Pedersen
398d27b779 PS: Fix missing AST child. 2025-07-07 19:15:18 +01:00
Mathias Vorreiter Pedersen
28de6ede04 PS: Also require '-Force' with a truthy value. Note the 'NOT DETECTED' test. We will fix that in the next commit. 2025-07-07 19:14:01 +01:00
Mathias Vorreiter Pedersen
1d64a7949b Merge pull request #252 from microsoft/add-more-remote-flow-sources 
PS: Add flow sources from `System.Net.WebClient`
 2025-07-07 14:50:03 +01:00
Mathias Vorreiter Pedersen
4e524a189d PS: Add tests. 2025-07-04 19:44:49 +01:00
Mathias Vorreiter Pedersen
766cf826bb PS: Add more models and accept test changes. 2025-07-04 18:01:45 +01:00
Mathias Vorreiter Pedersen
bd9043576d PS: Add test with missing remote flow source. 2025-07-04 18:00:19 +01:00
Chanel
8aa8dde439 Merge branch 'main' into powershell-commandinjection-invokesinkfix 2025-07-04 09:59:15 -07:00
Mathias Vorreiter Pedersen
eec092c4c4 PS: Mark the BAD results in the test appropriately. 2025-07-04 11:13:15 +01:00
Mathias Vorreiter Pedersen
7d07773a33 PS: Accept test changes. 2025-07-04 11:12:55 +01:00
Mathias Vorreiter Pedersen
cb89695c1d PS: Improve alert message. 2025-06-20 20:40:53 +01:00
Mathias Vorreiter Pedersen
9032d863bd PS: Accept test changes. 2025-06-20 16:40:44 +01:00
Mathias Vorreiter Pedersen
1ff04d9f94 PS: Add new false negative. 2025-06-20 16:30:49 +01:00
Mathias Vorreiter Pedersen
72178f0a36 PS: Accept test changes. 2025-06-20 14:54:39 +01:00
Mathias Vorreiter Pedersen
25d94fabcc PS: Add false positive to 'ps/sql-injection'. 2025-06-20 14:51:17 +01:00
Mathias Vorreiter Pedersen
0912cc337f PS: Accept test changes. 2025-06-20 14:25:58 +01:00
Mathias Vorreiter Pedersen
b82bd2cd2f PS: Add false positive to 'ps/sql-injection'. 2025-06-20 14:23:55 +01:00
Chanel Young
f882af95d8 update to invokesink 2025-06-12 14:30:46 -07:00
Mathias Vorreiter Pedersen
a410e85d85 PS: Accept test changes. 2025-05-21 16:35:07 +01:00
Mathias Vorreiter Pedersen
2f03911b45 PS: Accept test changes. 2025-04-30 20:20:07 +01:00
Mathias Vorreiter Pedersen
dbfd07024d PS: Add some tests for string literals. 2025-04-30 13:46:43 +01:00
Mathias Vorreiter Pedersen
c6678949b9 PS: Add query test for the new SQL injection query. 2025-04-29 17:57:59 +01:00
Mathias Vorreiter Pedersen
c015c746b8 PS: Lower case more predicate results for consistency. 2025-04-29 17:45:04 +01:00
Mathias Vorreiter Pedersen
4d00aa39ea Merge pull request #213 from microsoft/powershell-better-api-for-normalizednames 
PS: Better API for normalizing names + get rid of warnings
 2025-04-24 12:09:24 +01:00
Dilan Bhalla
084c75c8cf changing microsoft-sdl/powershell-all to microsoft/powershell-all 2025-04-23 10:45:45 -07:00
Mathias Vorreiter Pedersen
9e83dee8fe PS: Accept test changes. 2025-04-23 15:16:29 +01:00
Mathias Vorreiter Pedersen
f5e7af1df6 PS: Fix tests. 2025-04-23 15:16:26 +01:00
Chanel Young
faa47f9bfb ConvertToSecureStringAsPlainText 2025-04-22 09:17:57 -07:00
Chanel Young
7432884af0 Merge branch 'main' into psscriptanalyzer-port 2025-04-22 09:00:08 -07:00
Mathias Vorreiter Pedersen
09ebc76a23 PS: Accept test changes. 2025-04-22 15:32:35 +01:00
Mathias Vorreiter Pedersen
b9fdc78c16 PS: Add argument tests. 2025-04-22 15:12:00 +01:00