Skip to content

/ securitylab

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

29 Open 157 Closed
29 Open 157 Closed
Author
Filter by author
Label
Filter by label
Use alt + click/return to exclude labels.
Projects
Filter by project
Milestones
Filter by milestone
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀
[go]: Add query for detecting CORS misconfiguration All For One
#379 opened Jun 3, 2021 by gagliardetto 0 of 1
2
Java: Timing attacks while comparing results of cryptographic operations All For One
#378 opened Jun 3, 2021 by artem-smotrakov 1 of 1
2
[Java] BeanShell Injection All For One
#376 opened May 27, 2021 by haby0 1 of 1
7
[Java] JShell Injection All For One
#374 opened May 26, 2021 by haby0 1 of 1
13
[Java] CWE-502: Unsafe deserialization with three JSON frameworks All For One
#373 opened May 25, 2021 by luchua-bc 1 of 1
8
Java: Unsafe deserialization with Jackson All For One
#368 opened May 15, 2021 by artem-smotrakov 1 of 1
2
[Java]: CWE-502 Add UnsafeDeserialization sinks All For One
#367 opened May 13, 2021 by haby0 1 of 1
3
C++: Support Pqxx connector to search for sql injections to Postgres All For One
#361 opened May 5, 2021 by japroc 1 of 1
12
[Java]: CWE-665 Insecure environment during RMI/JMX Server initialisation - All for one bounty All For One
#360 opened May 4, 2021 by timoles 1 of 1
2
Java: CodeQL query for unsafe RMI deserialization All For One
#358 opened May 1, 2021 by artem-smotrakov 1 of 1
4
[JavaScript]: CWE-1004: Sensitive cookie without HttpOnly All For One
#354 opened Apr 27, 2021 by edvraa 0 of 1
6
Golang: Add query to detect CSRF vulnerabilities All For One
#353 opened Apr 26, 2021 by porcupineyhairs
3
[GO] CWE-1004: Sensitive cookie without HttpOnly All For One
#348 opened Apr 26, 2021 by edvraa 0 of 1
3
[Python] CWE-943: Add NoSQL Injection Query All For One
#342 opened Apr 14, 2021 by mrthankyou 1 of 1
8
ihsinme: CPP Add query for CWE-783 Operator Precedence Logic Error When Use Bool Type All For One
#340 opened Apr 12, 2021 by ihsinme 1 of 1
4
[C#]: HttpOnly and Secure Cookies for .NET Core and .NET All For One
#338 opened Apr 9, 2021 by edvraa 0 of 1
2
[C#]: Deserialization sinks All For One
#337 opened Apr 9, 2021 by edvraa 0 of 1
2
[codeql-go]: Mass Add Web Framework Models With the Help of Code Generation All For One
#335 opened Apr 7, 2021 by gagliardetto 0 of 1
3
[Python]: JWT security-related queries All For One
#331 opened Apr 4, 2021 by jorgectf 1 of 1
1
C# : Add query to detect Server Side Request Forgery All For One
#325 opened Mar 22, 2021 by porcupineyhairs
2
[Python] CWE-522: Insecure LDAP Authentication All For One
#321 opened Mar 18, 2021 by jorgectf 1 of 1
2
[Python] CWE-287: LDAP Improper Authentication All For One
#320 opened Mar 18, 2021 by jorgectf 1 of 1
1
[Java] CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') All For One
#317 opened Mar 18, 2021 by haby0 1 of 1
18
[Java] CWE-918: Added URLClassLoader and WebClient SSRF sinks All For One
#312 opened Mar 14, 2021 by p0wn4j 1 of 1
2
[C#] CWE-759: Query to detect password hash without a salt All For One
#233 opened Jan 13, 2021 by luchua-bc 1 of 1
17
ProTip! Add no:assignee to see everything that’s not assigned.