Chanel Young
|
f375b81272
|
remove reference to command injection owasp
|
2025-04-22 09:26:48 -07:00 |
|
Chanel
|
3a66e8e71a
|
Update powershell/ql/src/experimental/UsernameOrPasswordParameter.qhelp
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2025-04-22 09:20:45 -07:00 |
|
Chanel
|
f82cfc7bd4
|
Update powershell/ql/src/experimental/UsernameOrPasswordParameter.qhelp
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2025-04-22 09:20:31 -07:00 |
|
Chanel
|
6419794f3b
|
Update powershell/ql/src/experimental/HardcodedComputerName.qhelp
Co-authored-by: Mathias Vorreiter Pedersen <mathiasvp@github.com>
|
2025-04-22 09:18:31 -07:00 |
|
Chanel Young
|
faa47f9bfb
|
ConvertToSecureStringAsPlainText
|
2025-04-22 09:17:57 -07:00 |
|
Chanel Young
|
7432884af0
|
Merge branch 'main' into psscriptanalyzer-port
|
2025-04-22 09:00:08 -07:00 |
|
Mathias Vorreiter Pedersen
|
09ebc76a23
|
PS: Accept test changes.
|
2025-04-22 15:32:35 +01:00 |
|
Mathias Vorreiter Pedersen
|
e9fd50b67c
|
PS: Handle switch arguments by synthesizing a boolean true literal and represent them as named arguments.
|
2025-04-22 15:28:43 +01:00 |
|
Mathias Vorreiter Pedersen
|
72266cb000
|
PS: Drive-by cleanup in Constant.qll
|
2025-04-22 15:12:14 +01:00 |
|
Mathias Vorreiter Pedersen
|
b9fdc78c16
|
PS: Add argument tests.
|
2025-04-22 15:12:00 +01:00 |
|
Chanel Young
|
43954b7262
|
removed irrelevant tags
|
2025-04-21 17:01:12 -07:00 |
|
Chanel Young
|
e91912e30d
|
cleanup
|
2025-04-21 16:50:36 -07:00 |
|
Chanel Young
|
7359f912c5
|
added initial psscriptanalyzer rules, docs, tests
|
2025-04-21 16:44:52 -07:00 |
|
Chanel
|
37a6b0460e
|
Merge branch 'main' into fix-to-string-on-unknown-static-read
|
2025-04-18 09:21:15 -07:00 |
|
Mathias Vorreiter Pedersen
|
4518f18b9f
|
PS: Delete a cycle in the upgrade script.
|
2025-04-18 12:41:13 +01:00 |
|
Mathias Vorreiter Pedersen
|
e7e88d3946
|
PS: Add upgrade script from some unknown dbscheme to the dbscheme that existed when Mathias joined Microsoft
|
2025-04-18 12:40:58 +01:00 |
|
Chanel Young
|
12b918e900
|
pr feedback: removed toString, updated .expected
|
2025-04-17 10:39:42 -07:00 |
|
Mathias Vorreiter Pedersen
|
b70f7e219c
|
PS: Fix missing toString and accept test changes.
|
2025-04-17 17:01:33 +01:00 |
|
Mathias Vorreiter Pedersen
|
7d7268349d
|
PS: Add an example with a missing toString.
|
2025-04-17 16:53:26 +01:00 |
|
Mathias Vorreiter Pedersen
|
b09d9f6772
|
PS: Autoformat.
|
2025-04-17 16:49:47 +01:00 |
|
Chanel Young
|
ed553d393b
|
merged work into CommandInjection query
|
2025-04-16 14:32:30 -07:00 |
|
Chanel Young
|
2266cd2eb8
|
moved folder, added tests/docs
|
2025-04-16 12:13:07 -07:00 |
|
Chanel Young
|
50a771edee
|
Merge branch 'main' into powershell-injectionhunter-port
|
2025-04-16 11:19:26 -07:00 |
|
Chanel Young
|
5f643509f0
|
added script block, expandstring sinks, moved sanitizers to separate file
|
2025-04-16 11:18:02 -07:00 |
|
Mathias Vorreiter Pedersen
|
396a283da9
|
PS: Add tests for flow sources.
|
2025-04-15 22:43:21 +01:00 |
|
Mathias Vorreiter Pedersen
|
826e6a9ee8
|
PS: Add an inline expectations test library for flow sources.
|
2025-04-15 22:43:19 +01:00 |
|
Mathias Vorreiter Pedersen
|
dcc127832e
|
PS: Make remote flow sources flow sources.
|
2025-04-15 22:43:18 +01:00 |
|
Mathias Vorreiter Pedersen
|
fa3fc4a0c3
|
PS: Fix more problems in MaD rows for sources.
|
2025-04-15 22:43:16 +01:00 |
|
Mathias Vorreiter Pedersen
|
a146630a09
|
PS: Delete redundant files.
|
2025-04-15 22:43:14 +01:00 |
|
Mathias Vorreiter Pedersen
|
43d9c701f8
|
PS: Rename Field and Property to Member.
|
2025-04-15 22:43:03 +01:00 |
|
Mathias Vorreiter Pedersen
|
f38948764c
|
PS: Make type names lower case.
|
2025-04-15 22:36:31 +01:00 |
|
Mathias Vorreiter Pedersen
|
993511735a
|
PS: Make method names lower case.
|
2025-04-15 22:02:46 +01:00 |
|
Chanel Young
|
b4d8673a38
|
Merge branch 'main' of https://github.com/microsoft/codeql into powershell-injectionhunter-port
|
2025-04-14 15:18:37 -07:00 |
|
Mathias Vorreiter Pedersen
|
6455992402
|
PS: Add two more flow sources.
|
2025-04-10 20:44:11 +01:00 |
|
Mathias Vorreiter Pedersen
|
3d18175885
|
PS: Make it possible to specify a named argument that must be present in MaD.
|
2025-04-10 20:42:50 +01:00 |
|
Mathias Vorreiter Pedersen
|
43de3a131b
|
PS: Use the existing MaD rows to model file reads as flow sources.
|
2025-04-10 20:25:17 +01:00 |
|
Mathias Vorreiter Pedersen
|
4aa9f85b5d
|
PS: Accept test changes.
|
2025-04-10 19:02:54 +01:00 |
|
Mathias Vorreiter Pedersen
|
9adf028d41
|
PS: Fix environment variables.
|
2025-04-10 19:02:07 +01:00 |
|
Mathias Vorreiter Pedersen
|
bf9ed3bcb7
|
PS: Accept test changes.
|
2025-04-10 18:52:27 +01:00 |
|
Mathias Vorreiter Pedersen
|
6084789f09
|
PS: Fix the top level arguments after the AST cleanup.
|
2025-04-10 18:50:06 +01:00 |
|
Mathias Vorreiter Pedersen
|
793fd5eb7e
|
PS: Delete a redundant file.
|
2025-04-10 18:49:45 +01:00 |
|
Mathias Vorreiter Pedersen
|
f8207fa92a
|
PS: Add a testcase to demonstrate flow through Join-String.
|
2025-04-09 15:20:41 +01:00 |
|
Mathias Vorreiter Pedersen
|
ebb91dceb7
|
PS: Add a few more models after fixing MaD for Element content.
|
2025-04-09 15:20:39 +01:00 |
|
Mathias Vorreiter Pedersen
|
6de4765fe6
|
PS: Support implicit imports in API graphs.
|
2025-04-09 15:20:38 +01:00 |
|
Mathias Vorreiter Pedersen
|
a5afc3c582
|
PS: Flow through pipelines.
|
2025-04-09 15:20:36 +01:00 |
|
Mathias Vorreiter Pedersen
|
5f12d7c970
|
PS: Taint flow through all calls to 'toString'.
|
2025-04-09 15:20:35 +01:00 |
|
Mathias Vorreiter Pedersen
|
763effb50d
|
PS: Add more models and support pipeline parameters in MaD.
|
2025-04-09 15:20:33 +01:00 |
|
Mathias Vorreiter Pedersen
|
f38c5f5b4f
|
PS: Add lots of models.
|
2025-04-09 15:20:32 +01:00 |
|
Chanel Young
|
6db354e82d
|
Merge branch 'main' of https://github.com/microsoft/codeql into powershell-injectionhunter-port
|
2025-04-04 09:20:29 -07:00 |
|
Chanel Young
|
38f0f07d57
|
modeled some user input, sanitizers
|
2025-04-04 09:03:39 -07:00 |
|