```yaml
name: "Cross Site Scripting"
sources:
  flask:
    - "flask.request.args[]"
    - "flask.request.args.get()"
sinks:
  flask:
    - "flask.make_response([0])"
    - "flask.Response([0]){}"
    - "flask.render_template_string([0])"
    - "flask.abort([2])"
```
```python
from sca import dfg, results
from sca.flask import flask_sources, flask_sinks_xss, flask_sanitizers_xss
# Or even easier...
from sca.web import web_sources, web_sinks_xss, sanitizers_xss

# XSS Query in a couple of lines
results = dfg.taint(web_sources, web_sinks_xss, sanitizers_xss)
```
**Sanitizers**
- Functions or checks that make the input safe to use
- Escaping or encoding before the sink
- Context is extremely important
- Inline, direct, and indirect sanitizers are... extremely complicated!
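To make the source/sink/sanitizer idea concrete, here is an added example (not code from the talk or from the `sca` library it names): a toy intra-procedural taint check over Python's `ast` module, driven by tables shaped like the YAML query above. Names in the tables are assumptions (written as they appear after `from flask import ...`), `escape` stands in for `markupsafe.escape`, and only straight-line code inside each function is followed, so it has no CFG and misses flows through branches, loops or callees.

```python
import ast
# Assumed tables mirroring the YAML query above; the sink value is the index of the argument that gets rendered.
SOURCES = {"request.args", "request.args.get"}
SINKS = {"make_response": 0, "Response": 0, "render_template_string": 0, "abort": 2}
SANITIZERS = {"escape", "Markup.escape"}  # assumed: markupsafe.escape / flask.escape

def dotted(node):  # Name/Attribute chain -> "request.args.get", anything else -> None
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute) and (base := dotted(node.value)):
        return f"{base}.{node.attr}"
    return None

def is_tainted(expr, tainted):  # does source data reach this expression unsanitized?
    if isinstance(expr, ast.Call):  # a sanitizer call stops the flow, a source call starts it
        name = dotted(expr.func)
        return name not in SANITIZERS and (name in SOURCES or any(is_tainted(a, tainted) for a in expr.args))
    if isinstance(expr, ast.Subscript):  # request.args["x"] or tainted_value[0]
        return dotted(expr.value) in SOURCES or is_tainted(expr.value, tainted)
    if isinstance(expr, ast.Name):
        return expr.id in tainted
    if isinstance(expr, ast.BinOp):  # "<h1>" + name
        return is_tainted(expr.left, tainted) or is_tainted(expr.right, tainted)
    if isinstance(expr, ast.JoinedStr):  # f"<h1>{name}"
        return any(is_tainted(v.value, tainted) for v in expr.values if isinstance(v, ast.FormattedValue))
    return False

def find_xss(src):  # (function, sink, line) for every unsanitized source -> sink flow
    findings = []
    for fn in (n for n in ast.walk(ast.parse(src)) if isinstance(n, ast.FunctionDef)):
        tainted = set()
        for stmt in fn.body:  # straight-line only: branches, loops and callees are not followed
            if isinstance(stmt, ast.Assign):  # assigning a sanitized value clears the name's taint
                names = {t.id for t in stmt.targets if isinstance(t, ast.Name)}
                tainted = tainted | names if is_tainted(stmt.value, tainted) else tainted - names
            for call in (c for c in ast.walk(stmt) if isinstance(c, ast.Call)):
                idx = SINKS.get(dotted(call.func))
                if idx is not None and idx < len(call.args) and is_tainted(call.args[idx], tainted):
                    findings.append((fn.name, dotted(call.func), call.lineno))
    return findings
# Constructed sample: a vulnerable view and the same view with escaping before the sink.
SAMPLE = '''from flask import request, render_template_string, make_response
from markupsafe import escape
def hello():
    name = request.args.get("name", "")
    return render_template_string("<h1>Hello " + name + "</h1>")
def safe_hello():
    name = escape(request.args.get("name", ""))
    return make_response(f"<h1>Hello {name}</h1>")
'''
```

`find_xss(SAMPLE)` reports only `hello`, since in `safe_hello` the sanitizer sits between the source and the sink; note that a context-blind table like this cannot tell whether HTML escaping is the right encoding for where the value lands.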
**Title:**
> Introduction to Static Code Analysis
**Description:**
> This talk will give an introduction into what static code analysis is, go into a deeper dive into how it's done today, and finally discuss the impact & complications around using static analysis.
**Slides:**
https://presentations.geekmasher.dev/2021-09-Defcon44131
This is not a full list, but a general list that I have
- AST: tree representation of the parsed code
- CFG: directed graph of the control flow in the application
- DFG: directed graph of the data flows in an application
- TA:
From any of these representations you can build static code analysis tools
Source: https://en.wikipedia.org/wiki/Control-flow_graph
(a) an if-then-else
(b) a while loop
(c) a natural loop with two exits, e.g. while with an if...break in the middle; non-structured but reducible
(d) an irreducible CFG: a loop with two entry points, e.g. goto into a while or for loop
Sources:
- [How does JavaScript and JavaScript engine work in the browser and node?](https://medium.com/jspoint/how-javascript-works-in-browser-and-node-ab7d0d09ac2f)
- [Firing up the Ignition interpreter](https://v8.dev/blog/ignition-interpreter)
- [Carnegie Mellon University - Taint Analysis](https://www.cs.cmu.edu/~ckaestne/15313/2018/20181023-taint-analysis.pdf)
- [Northwestern - Static Analysis](https://users.cs.northwestern.edu/~ychen/classes/cs450-f16/lectures/10.10_Static%20Analysis.pdf)
- [Static Analysis for Code and Infrastructure (DevSecCon 2016)](https://labs.f-secure.com/assets/BlogFiles/mwri-Static-Analysis-for-Code-and-Infrastructure-final-DevSecCon2016-2016-24-10.pdf)