CodeQL with Alvaro Munoz

Hacker Talk

Nội dung được cung cấp bởi Firo Solutions LTD. Tất cả nội dung podcast bao gồm các tập, đồ họa và mô tả podcast đều được Firo Solutions LTD hoặc đối tác nền tảng podcast của họ tải lên và cung cấp trực tiếp. Nếu bạn cho rằng ai đó đang sử dụng tác phẩm có bản quyền của bạn mà không có sự cho phép của bạn, bạn có thể làm theo quy trình được nêu ở đây https://vi.player.fm/legal.

3y ago 53:38

M4A•Trang chủ episode

In this episode of Hacker Talk:

One of the most powerful newer static analysis tool is CodeQL.

By converting your code base into a Codeql database, you can now write

queries in a read-only way, in order to find security vulnerabilities

and problems in you Code-base.

We wanted to know more about this declarative language called "CodeQL".

Straight from Github's Security Lab, we are joined by Alvaro Munoz!

Alvaro, is a Security Researcher, Leads a team of researchers that leverage Codeql to find and model vulnerabilities at Github, with a background in research related to finding remote code execution bugs through deserialization.

Tune in as we get to hear the ins and out of CodeQL, how to get started, when Codeql was used to find a vulnerability in a public Covid-19 system, how to find vulnerabilities with Codeql and a lot more!

Topics covered:

Learning to thing outsite the box by playing Capture the flag

CodeQL declarative languages

Static code analysis

Getting a broad view of the source code

Writing queries with CodeQL to find vulnerabilities

Modeling vulnerabilities with CodeQL

The learning curve of CodeQL

Quering github repositories for vulnerabilities

Write codeql for a large amount of repositories with lgtm(use it goes before it goes EOL)

Linters vs codeql

CodeQL integrated with continuous integration pipelines

Get started with Codeql

Submit your codeql queries to Github Security Lab's Bug bounty

Best practices for writing queries

Thinking of the code as a database with codeql

Finding vulnerabilities in Covid-19 systems

Best pratices for CodeQL

Reduce false possitives

CodeQL with nvim(neovim)

Improving vim by creating a more interactive development enviroment alternative, "neovim".

LSP integration with neovim.

CodeQL with Emacs

Remote code execution bugs found with CodeQL.

Bugs found in Radar Covid App

Patterns leading to remote code execution

Auditing javascript frameworks

CodeQL vs other static analysis tools

Capture the flag codeql challanges

The future of CodeQL

External links:

https://lgtm.com/

https://github.com/pwntester

https://neovim.io/

https://en.wikipedia.org/wiki/Language_Server_Protocol

https://en.wikipedia.org/wiki/Semgrep

Covid 19 tracing app

- https://securitylab.github.com/research/securing-the-fight-against-covid19-through-oss/

- https://threatpost.com/german-covid-19-contact-tracing-vulnerability-rce/161419/

Github Security Lab web site: https://securitylab.github.com/

Join Github Security Lab Slack Channel:

https://join.slack.com/t/ghsecuritylab/shared_invite/zt-120w4vby8-_O9u9k2hPfgbju1tddBPcg

https://twitter.com/pwntester

Bounty program: https://securitylab.github.com/bounties/

https://codeql.github.com/

https://codeql.github.com/docs/codeql-overview/

http://www.pwntester.com/

https://en.wikipedia.org/wiki/Abstract_syntax_tree

https://en.wikipedia.org/wiki/Control_flow_analysis

https://github.com/github/codeql-learninglab-actions

https://github.com/anticomputer/emacs-codeql/

Special thanks too:

We want to give a huge thanks to Github's Security Lab Team for making this episode a reality!

20 tập

#Tech #Hacker Talk