CodeQL Semantic Code Analysis

CodeQL Semantic Code Analysis

codeql.github.com

2

About this website

CodeQL is GitHub semantic code analysis engine that enables developers and security researchers to discover vulnerabilities across codebases by treating code as a queryable database. The technology extracts relational databases from source code, representing functions, variables, expressions, and types as tables that can be queried using a declarative object-oriented query language. This approach allows security teams to write a single query that finds all variants of a vulnerability pattern, then eradicate them across the entire codebase permanently. CodeQL performs taint tracking and data flow analysis to trace how untrusted input propagates through the code to sensitive sinks, enabling detection of complex vulnerability classes including SQL injection, cross-site scripting, path traversal, unsafe deserialization, SSRF, and log injection. The tool supports multiple languages including C, C Plus Plus, C Sharp, Go, Java, Kotlin, JavaScript, TypeScript, Python, Ruby, and Swift. CodeQL is free for research and open source use through the CodeQL CLI and VS Code extension. It powers GitHub code scanning in GitHub Advanced Security, automatically running on pull requests and providing results directly in the GitHub UI. GitHub Security Lab publishes and maintains over 400 standard CodeQL queries, and runs the annual Security Lab CTF challenge to train security researchers on writing custom CodeQL queries.

Tags & Categories

Categories

Tags

Statistics

2
Views
0
Clicks
0
Like
0
Dislike

Comments

Log In to post a comment

No comments yet. Be the first!