codex - Dissect code, analyze logic, find flaws
The goal of the codEX Project is to develop systematic strategies and methodologies to do (semi-)automated source code analysis.
The basic idea is to create a framework which is able to dissect source code. For further analysis on a logical layer a reduced normalization is required. This is realized with a virtual compiler for different programming languages which creates a linear assembly-like structure named as MetaCode™.
Depending on this intermediate code it is possible to do a formal analysis of the dissected program with advanced propositional calculus. Syntactical mistakes (e.g. inadequate parenthesis), logical errors (e.g. off-by-one counters) and security flaws (e.g. SQL injection) can be determined very accurately. Therefore, codEX makes it very easy to find vulnerabilities within applications.