forked from FeeiCN/Cobra

Source Code Security Audit


infobyte/cobra

 
 


Cobra


ABOUT THIS FORK

This fork specializes in finding vulnerabilities in WordPress plugins.

It is based on the research behind the talk "Attacking WordPress plugins with no-style nor time".

AUTHORS OF THIS FORK

Gabriel Franco @gaaabifranco

Ezequiel Tavella @EzequielTBH

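Introduction

Cobra is a source code security auditing tool that detects most of the significant security issues and vulnerabilities in source code written in a range of programming languages.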

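Features

Multi-Language Support

Supports PHP, Java and other programming languages, and dozens of file types.

Multi-Vulnerability Support

The initial release opens up tens of thousands of insecure-dependency check rules and dozens of code security scanning rules; more scanning rules will be opened up over time.

GUI/CLI/API Mode

Provides a local web server, so the tool can be operated visually through a GUI. It also exposes a local API, which makes it easy to integrate with other systems (release systems, CI and so on).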


Contributors

The project was started and is led by Feei. The core developers are LiGhT1EsS, BlBana, 40huo and braveghz. Thanks also go to the other contributors; PRs are welcome.


Languages

  • Python 48.5%
  • CSS 19.9%
  • HTML 14.9%
  • JavaScript 13.0%
  • Java 1.6%
  • PHP 1.3%
  • Other 0.8%