hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-03-22 07:26:45 +01:00
Code Issues Packages Projects Releases Wiki Activity
48,607 Commits 1,712 Branches 163 Tags
f5e33ac00a3c0ea059db832dd3f17283c06c28fa
Commit Graph

1118 Commits

Author SHA1 Message Date
Rasmus Wriedt Larsen
91442e100c Python: Model sessionmaker().begin() 2021-09-02 10:19:57 +02:00
Rasmus Wriedt Larsen
feb2303e1f Python: Model the underlying DB-API connection 2021-09-02 10:19:57 +02:00
Rasmus Wriedt Larsen
1ab04a7276 Python: Model Connection.execution_options 2021-09-02 10:19:57 +02:00
Rasmus Wriedt Larsen
2acf518037 Python: Model exec_driver_sql 2021-09-02 10:19:57 +02:00
Rasmus Wriedt Larsen
fe143c7dfa Python: Rewrite most of SQLAlchemy modeling 2021-09-02 10:19:57 +02:00
jorgectf
64b305cf7a Add .qhelp along with its example 2021-08-26 23:29:45 +02:00
Jorge
d458464e6b Apply suggestions from code review 
Co-authored-by: Rasmus Wriedt Larsen <rasmuswriedtlarsen@gmail.com>
 2021-08-26 12:20:09 +02:00
jorgectf
48bca5beb8 Fix references' link anchor 2021-08-25 17:09:47 +02:00
jorgectf
e6ce10b5c5 Merge remote-tracking branch 'origin/main' into jty/python/nosqlInjection 2021-08-10 20:01:08 +02:00
jorgectf
54ed25a925 Change False and None scopes 2021-07-25 18:21:16 +02:00
jorgectf
983465963a Polish CookieWrite 2021-07-25 18:18:29 +02:00
jorgectf
65044293dd Add CookieWrite concept 2021-07-25 17:53:58 +02:00
jorgectf
66fdd530e3 Merge branch 'jorgectf/python/headerInjection' into jorgectf/python/insecure-cookie 2021-07-25 04:35:51 +02:00
jorgectf
8d0386b049 Split into getNameArg and getValueArg 2021-07-25 04:35:22 +02:00
jorgectf
4f68a1777c Write documentation and example 2021-07-25 04:07:05 +02:00
jorgectf
c8983be947 Add query 2021-07-25 04:06:44 +02:00
jorgectf
0aaa9c13bd Merge remote-tracking branch 'origin/jorgectf/python/headerInjection' into jorgectf/python/insecure-cookie 2021-07-25 03:22:16 +02:00
jorgectf
1dd77f167a Fix undetected tests 2021-07-25 01:51:52 +02:00
jorgectf
b83b31cc7a Write qldocs 2021-07-24 02:33:57 +02:00
jorgectf
0d2646fd3d Polish documentation 2021-07-24 01:23:51 +02:00
jorgectf
f9b244ecad Polish documentation 2021-07-24 01:06:05 +02:00
jorgectf
068150b1ab Finish modeling 2021-07-22 19:34:23 +02:00
jorgectf
b5e10b6c42 Write (String|Bytes)IO additional taint step 2021-07-22 19:15:30 +02:00
Jorge
f02b6d60a5 Merge branch 'github:main' into jorgectf/python/ldapinsecureauth 2021-07-22 18:49:51 +02:00
jorgectf
b03e75e3d1 Extend ldap3's start_tls and fix tests 2021-07-22 18:42:41 +02:00
jorgectf
a34d6d390e Port to ApiGraphs and finish the query 2021-07-22 18:34:57 +02:00
Rasmus Wriedt Larsen
42a997cbcb Python: Fix deprecation warning 2021-07-22 15:59:13 +02:00
Rasmus Wriedt Larsen
71e6db8a01 Merge branch 'main' into jorgectf/python/ldapimproperauth 2021-07-22 15:57:43 +02:00
Rasmus Wriedt Larsen
802d9bda83 Merge pull request #5680 from mrthankyou/python-use-sqlalchemy 
Python: Add SqlAlchemy model
 2021-07-22 15:31:39 +02:00
Taus
e9a4114c04 Python: Hotfix: Disable ReDoS queries 2021-07-22 10:58:49 +00:00
jorgectf
edb273ace5 Merge remote-tracking branch 'origin/jorgectf/python/ldapimproperauth' into jorgectf/python/ldapinsecureauth 2021-07-22 02:51:19 +02:00
jorgectf
8d84d63b94 Add Python-Jose modeling and tests 2021-07-21 21:31:53 +02:00
jorgectf
ce507beed4 Add Authlib modeling and tests 2021-07-21 21:31:35 +02:00
jorgectf
f1b3c70909 Divide JWT libraries 2021-07-21 21:29:23 +02:00
Porcuiney Hairs
c6c925d67a Python : Improve Xpath Injection Query 2021-07-20 03:31:30 +05:30
thank_you
9e01338500 Query only vulnerable methods 2021-07-18 17:13:10 -04:00
haby0
e8d0827916 Add tornado source 2021-07-05 10:42:15 +08:00
haby0
b866f1b21e Add CWE-348 ClientSuppliedIpUsedInSecurityCheck 2021-07-02 19:30:33 +08:00
jorgectf
3d2b6f7a2d Delete outdated comment 2021-07-01 17:54:46 +02:00
jorgectf
a1f48db60b Make verifiesSignature() a predicate 2021-07-01 17:51:56 +02:00
jorgectf
4079e5352e Add JWT framework to Frameworks.qll 2021-07-01 17:51:34 +02:00
jorgectf
07422a1dce Move tests under test/ 2021-07-01 17:51:00 +02:00
thank_you
0be2c6b765 Add SQLEscapySanitizerCall class 2021-06-29 19:39:46 -04:00
thank_you
986f2f4302 Add SQLEscape module 2021-06-29 19:39:26 -04:00
jorgectf
d475d52c76 Add partial modeling 2021-06-30 00:59:40 +02:00
jorgectf
c3b3bde35d Add XMLParser concept 2021-06-30 00:59:17 +02:00
jorgectf
b9fa57f518 Move tests to test/ 2021-06-30 00:58:58 +02:00
jorgectf
19a626742a Almost fix getFlaskMailArgument(...) 2021-06-29 17:28:45 +02:00
jorgectf
0819090fcb Fix qldocs typo 2021-06-29 16:53:32 +02:00
jorgectf
2f9e6454a5 Hardcode ldap2 binding functions 2021-06-29 16:14:55 +02:00