Philippe Arteau h3xstream

h3xstream commented on pull request h3xstream/find-sec-bugs#63
@h3xstream

Quick update : The pull request will be integrated soon. I just did not get the time to look at the changes set.

@h3xstream

Now that I you mention it, I realize I should have look at the existing Constant Flow Analysis. I will rethink about it..

@h3xstream

@formanek I probably misunderstood your comment. Did you implement a new dataflow mechanism? (I am very open to integrate new ideas) Here is a quic…

@h3xstream
@h3xstream
@h3xstream

Than this is most likely a bug in ZAP itself. The plugin was started with ZAP api 2.2.2 (reason for the requirement). The metadata file was working…

@h3xstream

@formanek I will do some minor tweaking to support conditional statements. Most of it is done. I was thinking about creating a Wiki page to explain…

@h3xstream
  • @h3xstream 43e579a
    New injection analysis that aim to minimize false positive including …
@h3xstream

I will need some information (error message or stack trace). If you don't have any error message, start ZAP this way. {{{ cd ZAP_DIRECTORY java -ja…

h3xstream commented on pull request ilmila/J2EEScan#3
@h3xstream

I have push the actual rule implementation 48f98b2 Move Pattern instance from local variable to static field It avoid recompiling the regex on each…