
Project Ideas VulnerableCode Exploits as alternative to scanner

Philippe Ombredanne edited this page Mar 1, 2022 · 1 revision

Exploit references as an alternative to scanners.

This is a fairly ambitious project idea with a lot of undetermined moving parts. The outline of the idea would be:

  1. Collect exploits and PoC code as structured references attached to a vulnerability.
  2. First, detect (say with ScanCode or another tool) which packages may exist in the codebase being analyzed, possibly without a discovered version.
  3. Second, for each package and for each of its vulnerabilities, run the exploit(s) or PoC against the code being analyzed (that is a big piece of its own: a VM? A container? How do we run this?).
  4. If the PoC triggers, the vulnerability is confirmed present in this package. We do not have to run any complex analysis to determine whether the vulnerable code is present or reachable: we have demonstrated that it is, since the exploit was effectively used to trigger the vulnerability. The converse does not hold: a PoC that fails to trigger does not prove that the package is not vulnerable.

The hard part is 3.: setting up a controlled environment where a PoC can be safely tried is a complex task that is hard to automate at any scale.
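As an added example of what the result of steps 3 and 4 could look like (this is illustrative code written for this page, not VulnerableCode code, and the `ExploitReference` fields, the placeholder vulnerability id and purl, and the target package are all constructed assumptions), the runner below executes a PoC against a target package and records a three-way verdict. The point it makes is the one in step 4: a PoC that fires is proof of presence, while a PoC that does not fire, hangs, or crashes is recorded as "not triggered" or "inconclusive" and never as proof of absence. A subprocess with a stripped environment and a timeout stands in for the VM or container sandbox the hard part of step 3 asks for.

```python
"""Added example (not VulnerableCode code): a minimal PoC runner with a
three-way verdict. A real harness would run each PoC in a throwaway VM or
container; here a subprocess with a stripped environment and a timeout
stands in for that sandbox."""
import enum
import os
import subprocess
import sys
import tempfile
from dataclasses import dataclass, replace
from pathlib import Path


class Verdict(enum.Enum):
    VULNERABLE = "vulnerable"        # PoC ran and printed the trigger marker
    NOT_TRIGGERED = "not_triggered"  # PoC ran cleanly and reported no trigger
    INCONCLUSIVE = "inconclusive"    # PoC crashed, hung, or gave no verdict


@dataclass(frozen=True)
class ExploitReference:
    """Hypothetical structured PoC reference; the field names are assumptions."""
    vulnerability_id: str            # placeholder, not a real identifier
    target_purl: str                 # package the PoC is written against
    poc_source: str                  # PoC program body (a Python script here)
    trigger_marker: str = "TRIGGERED"
    timeout_seconds: float = 5.0


def run_poc(ref, package_dir):
    """Run ref's PoC against the code in package_dir and classify the outcome."""
    with tempfile.TemporaryDirectory() as tmp:
        poc_path = Path(tmp) / "poc.py"
        poc_path.write_text(ref.poc_source)
        # Stripped environment: only PATH and the target package on PYTHONPATH.
        env = {"PATH": os.environ.get("PATH", ""), "PYTHONPATH": str(package_dir)}
        try:
            proc = subprocess.run(
                [sys.executable, str(poc_path)], cwd=package_dir, env=env,
                capture_output=True, text=True, timeout=ref.timeout_seconds,
            )
        except subprocess.TimeoutExpired:
            return Verdict.INCONCLUSIVE  # hung PoC: the child is killed
    if proc.returncode != 0:
        return Verdict.INCONCLUSIVE      # crashed PoC: a broken PoC proves nothing
    lines = proc.stdout.splitlines()
    if ref.trigger_marker in lines:
        return Verdict.VULNERABLE        # the exploit demonstrably fired
    if "NOT_TRIGGERED" in lines:
        return Verdict.NOT_TRIGGERED     # ran, did not fire: absence is not proven
    return Verdict.INCONCLUSIVE


# Constructed target package: a path-traversal bug and its fixed version.
VULNERABLE_PACKAGE = """\
import os
BASE = os.path.join(os.getcwd(), "data")
def read_entry(name):
    # bug: user-controlled name is joined without checking it stays under BASE
    return open(os.path.join(BASE, name)).read()
"""
FIXED_PACKAGE = """\
import os
BASE = os.path.realpath(os.path.join(os.getcwd(), "data"))
def read_entry(name):
    path = os.path.realpath(os.path.join(BASE, name))
    if os.path.commonpath([path, BASE]) != BASE:
        raise ValueError("entry escapes the base directory")
    return open(path).read()
"""
# Constructed PoC: tries to read a file outside BASE and prints a verdict line.
POC = """\
import sys
import archive_reader
try:
    content = archive_reader.read_entry("../secret.txt")
except Exception:
    print("NOT_TRIGGERED"); sys.exit(0)
print("TRIGGERED" if content == "flag" else "NOT_TRIGGERED")
"""
HANGING_POC = "import time\ntime.sleep(60)\n"       # never reports a verdict
BROKEN_POC = "import module_that_does_not_exist\n"  # crashes at import time


def make_package(source):
    """Write the constructed target module and an out-of-tree secret to a temp dir."""
    pkg = Path(tempfile.mkdtemp())
    (pkg / "archive_reader.py").write_text(source)
    (pkg / "data").mkdir()
    (pkg / "secret.txt").write_text("flag")
    return pkg


def demo():
    """Same PoC against vulnerable and fixed code, plus two degenerate PoCs."""
    ref = ExploitReference("EXAMPLE-VULN-1", "pkg:pypi/archive-reader@1.0", POC)
    return {
        "vulnerable": run_poc(ref, make_package(VULNERABLE_PACKAGE)),
        "fixed": run_poc(ref, make_package(FIXED_PACKAGE)),
        "hang": run_poc(replace(ref, poc_source=HANGING_POC, timeout_seconds=1.0),
                        make_package(VULNERABLE_PACKAGE)),
        "broken": run_poc(replace(ref, poc_source=BROKEN_POC),
                          make_package(VULNERABLE_PACKAGE)),
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict.value}")
```

The verdict protocol (a marker line on stdout, exit status 0) is a constructed convention for this example; whatever protocol a real harness adopts, the important design choice is that only an observed trigger is ever stored as a positive finding, and that timeouts and crashes are kept apart from "not triggered" so a flaky or mis-packaged PoC is not mistaken for evidence that a package is clean.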
