hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2025-12-23 12:16:33 +01:00
Code Issues Packages Projects Releases Wiki Activity
63,284 Commits 1,672 Branches 157 Tags
792f302bd4dee4c7558e2ce5bbea7edb51f9896f
Commit Graph

409 Commits

Author SHA1 Message Date
Ahmed Farid
f956fe12d5 Rename python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstHeaderValue.qlref to python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstHeaderValue/TimingAttackAgainstHeaderValue.qlref 2022-08-16 16:28:17 +01:00
Ahmed Farid
6536b602df Rename python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstHeaderValue.expected to python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstHeaderValue/TimingAttackAgainstHeaderValue.expected 2022-08-16 16:28:00 +01:00
Ahmed Farid
b8fe0e2eee Rename python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstHeader.py to python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstHeaderValue/TimingAttackAgainstHeader.py 2022-08-16 16:27:45 +01:00
Ahmed Farid
87b67ed64f Rename python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstHash.py to python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstHash/TimingAttackAgainstHash.py 2022-08-16 16:27:19 +01:00
Ahmed Farid
fa3940f69a Rename python/ql/test/experimental/query-tests/Security/CWE-208/PossibleTimingAttackAgainstHash.qlref to python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstHash/PossibleTimingAttackAgainstHash.qlref 2022-08-16 16:27:02 +01:00
Ahmed Farid
6a94d45643 Rename python/ql/test/experimental/query-tests/Security/CWE-208/PossibleTimingAttackAgainstHash.expected to python/ql/test/experimental/query-tests/Security/CWE-208/TimingAttackAgainstHash/PossibleTimingAttackAgainstHash.expected 2022-08-16 16:26:45 +01:00
Ahmed Farid
31ecb0727f Rename TimingAttackAgainstHeader.expected to TimingAttackAgainstHeaderValue.expected 2022-08-16 14:50:54 +01:00
Ahmed Farid
d8719f3b1f Rename TimingAttackAgainstSensitiveInfo.expected to PossibleTimingAttackAgainstSensitiveInfo.expected 2022-08-16 14:50:21 +01:00
Ahmed Farid
67476d0a36 Rename TimingAttackAgainstSensitiveInfo.qlref to PossibleTimingAttackAgainstSensitiveInfo.qlref 2022-08-16 13:36:59 +01:00
Ahmed Farid
e8376a522c Update TimingAttackAgainstHeaderValue.qlref 2022-08-16 13:35:20 +01:00
Ahmed Farid
ecbe663c2f Update TimingAttackAgainstSensitiveInfo.qlref 2022-08-16 13:34:24 +01:00
Ahmed Farid
1dd4400c67 Update PossibleTimingAttackAgainstHash.qlref 2022-08-16 13:33:17 +01:00
Ahmed Farid
44f054bede Update PossibleTimingAttackAgainstHash.expected 2022-08-16 12:31:33 +01:00
Ahmed Farid
abc49bd62b Update TimingAttackAgainstHeader.py 2022-08-16 12:06:34 +01:00
Ahmed Farid
68cf084b8f Update TimingAttackAgainstSensitiveInfo.expected 2022-08-16 12:03:14 +01:00
Ahmed Farid
c85ad1b2c0 Update TimingAttackAgainstHash.py 2022-08-16 11:50:37 +01:00
Ahmed Farid
5ecadd06ae Update TimingAttackAgainstHash.py 2022-08-15 15:21:10 +01:00
Ahmed Farid
f2bf58bdb6 Update TimingAttackAgainstSensitiveInfo.py 2022-08-15 15:16:30 +01:00
Ahmed Farid
18b103dbd5 Update TimingAttackAgainstHash.py 2022-08-15 11:29:29 +01:00
Ahmed Farid
7d23b80582 Update TimingAttackAgainstHash.py 2022-08-15 11:29:09 +01:00
Ahmed Farid
521dbd0e82 Update TimingAttackAgainstSensitiveInfo.py 2022-08-15 11:28:51 +01:00
Ahmed Farid
5de103303d Update TimingAttackAgainstHeader.py 2022-08-15 11:26:34 +01:00
Ahmed Farid
7cb1683f5b Update TimingAttackAgainstSensitiveInfo.py 2022-08-15 11:21:40 +01:00
Ahmed Farid
01490414e8 Update TimingAttackAgainstHeader.py 2022-08-12 12:25:31 +01:00
Ahmed Farid
ae4ded08fa Update and rename TimingAttackAgainstHeader.qlref to TimingAttackAgainstHeaderValue.qlref 2022-08-04 12:42:52 +01:00
Ahmed Farid
e3340c9345 Update TimingAttackAgainstSensitiveInfo.py 2022-07-27 00:25:42 +01:00
Ahmed Farid
ad57ff4def Rename PossibleTimingAttackAgainstSignature.qlref to PossibleTimingAttackAgainstHash.qlref 2022-07-26 23:56:24 +01:00
Ahmed Farid
f35985097d Update and rename PossibleTimingAttackAgainstSignature.expected to PossibleTimingAttackAgainstHash.expected 2022-07-26 23:50:44 +01:00
Ahmed Farid
4f082e28e5 Update and rename TimingAttackAgainstSignature.py to TimingAttackAgainstHash.py 2022-07-20 12:26:57 +01:00
Ahmed Farid
b3925ae988 Update PossibleTimingAttackAgainstSignature.qlref 2022-07-20 00:57:26 +01:00
root
655b9d4262 Python: Timing attack 2022-06-27 12:18:45 -04:00
yoff
699761889d Merge pull request #7127 from jty-team/jty/python/emailInjection 
Python: CWE-079 - Add Email injection query
 2022-06-14 10:54:16 +02:00
jorgectf
e577a0e836 Update .expected tests 2022-05-27 00:13:40 +02:00
${sleep,7}
76c27c685f Merge branch 'main' into jty/python/emailInjection 2022-05-26 16:27:57 -04:00
yoff
aadfa8eacd Merge branch 'main' into py/CsvInjection 2022-05-25 10:43:08 +02:00
Rasmus Wriedt Larsen
6611e5b4b8 Merge branch 'main' into promote-pam 2022-05-18 10:35:39 +02:00
Erik Krogh Kristensen
7245591468 Merge pull request #7763 from erik-krogh/unused-field 
QL: add unused-field query
 2022-05-18 09:15:16 +02:00
Rasmus Wriedt Larsen
cff950f5f7 Python: Fix select of py/insecure-cookie 2022-05-11 14:06:30 +02:00
Rasmus Wriedt Larsen
0956d506de Python: Actually promote py/pam-auth-bypass 
🤦
 2022-05-11 13:44:47 +02:00
Rasmus Wriedt Larsen
fc8633cc01 Python: Fix select for py/cookie-injection 2022-05-11 13:18:14 +02:00
Rasmus Wriedt Larsen
d127d2164a Merge branch 'main' into jorgectf/python/insecure-cookie 2022-05-11 11:13:47 +02:00
Rasmus Wriedt Larsen
7e87e18b32 Python: Adjust name/description/select of PamAuthorization.ql 
Thought that calling out the actual vulnerability would make things
easier for our end users :)
 2022-05-10 18:02:17 +02:00
Rasmus Wriedt Larsen
cb17e2a649 Merge pull request #8595 from porcupineyhairs/pypam 
Python : Add query to detect PAM authorization bypass
 2022-05-10 13:35:12 +02:00
Rasmus Wriedt Larsen
2421076d2f Merge pull request #8696 from RasmusWL/new-nosql-examples 
Python: Improve experimental modeling for `pymongo`
 2022-05-10 11:03:05 +02:00
Rasmus Wriedt Larsen
c218162104 Merge branch 'main' into pypam 2022-05-09 14:20:05 +02:00
Rasmus Wriedt Larsen
3c1a37e7e1 Merge branch 'main' into new-nosql-examples 2022-05-02 11:21:36 +02:00
${sleep,7}
b5734ed6a2 Merge branch 'main' into jty/python/emailInjection 2022-04-20 09:50:08 -04:00
Rasmus Wriedt Larsen
bb6969a175 Merge branch 'main' into promote-xxe 2022-04-20 13:42:02 +02:00
Rasmus Wriedt Larsen
6235dc5039 Python: Handle find_library assignment to temp variable 2022-04-13 11:44:15 +02:00
Porcupiney Hairs
785dc1af3c Include changes from review 2022-04-12 21:17:39 +05:30