All Classes
| Class |
Description |
| AbstractHardcodedPasswordEqualsDetector |
|
| AbstractHardcodePasswordInMapDetector |
Detects hard-coded passwords in settings maps (key/value configurations constructed at runtime)
|
| AbstractInjectionDetector |
Detector designed for extension to detect injection vulnerabilities
|
| AbstractTaintDetector |
Detector designed for extension to allow usage of taint analysis
|
| AndroidSqlInjectionDetector |
|
| AnonymousLdapDetector |
|
| AwsQueryInjectionDetector |
|
| BadHexadecimalConversionDetector |
|
| BasicInjectionDetector |
Detector designed for extension to detect basic injections, configured with a list of
fully qualified method signatures whose injectable argument positions are the taint sinks
|
| BCELUtil |
|
| BeanInjectionDetector |
|
| BroadcastDetector |
|
| ByteCode |
|
| CipherDetector |
|
| CipherWithNoIntegrityDetector |
This detector marks cipher usage that does not provide integrity protection.
|
| ClassMethodSignature |
|
| CommandInjectionDetector |
Detects the use of Runtime and ProcessBuilder to execute system commands.
|
| ConstantPasswordDetector |
General detector for hard coded passwords and cryptographic keys
|
| CookieFlagsDetector |
|
| CookieReadDetector |
|
| CorsRegistryCORSDetector |
|
| CrlfLogInjectionDetector |
Detects logging of tainted values - CRLF injection (or Improper Output Neutralization for Logs)
|
| CustomInjectionDetector |
|
| CustomMessageDigestDetector |
Flags custom message digest implementations; rolling your own hash function should not be encouraged.
|
| DangerousPermissionCombination |
|
| DeserializationGadgetDetector |
|
| DesUsageDetector |
Ciphers identified:
DES/CBC/NoPadding (56 bit)
DES/CBC/PKCS5Padding (56 bit)
DES/ECB/NoPadding (56 bit)
DES/ECB/PKCS5Padding (56 bit)
Ref: partial list of ciphers
|
| EnabledExtensionsInApacheXmlRpcDetector |
|
| EngineRegistrar |
Registers taint analysis (dataflow engine) with analysis cache
|
| ErrorMessageExposureDetector |
Printing error messages to standard output may expose security-sensitive information;
such exposure of internal details is classified as CWE-209
(https://cwe.mitre.org/data/definitions/209.html).
|
| EsapiEncryptorDetector |
This detector identifies the usage of ESAPI cryptography components.
|
| ExternalConfigurationControlDetector |
Detects the External Control of System or Configuration Setting weakness
through the setCatalog method of java.sql.Connection
|
| ExternalFileAccessDetector |
|
| FileDisclosureDetector |
|
| FileUploadFilenameDetector |
The filename provided by the FileUpload API is taken directly from the HTTP request.
|
| FindSecBugsGlobalConfig |
This class contains flags that can be used to create a global configuration.
|
| FormatStringManipulationDetector |
|
| FreemarkerDetector |
Equivalent of the Velocity template detector, for Freemarker.
|
| GeolocationDetector |
|
| GoogleApiKeyDetector |
Google APIs provide code samples that sign URLs using the supplied API key.
|
| GroovyShellDetector |
|
| HardcodedPasswordEqualsDetector |
Detect:
|
| HardcodePasswordInMapDetector |
Detects hard-coded passwords in settings maps (key/value configurations constructed at runtime)
|
| HashUnsafeEqualsDetector |
Detects hash values that are compared with the equals method (which is not a constant-time comparison).
|
| HazelcastSymmetricEncryptionDetector |
http://code.google.com/p/hazelcast/wiki/Encryption
|
| HttpParameterPollutionDetector |
|
| HttpResponseSplittingDetector |
Detects HTTP Response splitting weakness
|
| ImproperHandlingUnicodeDetector |
|
| InjectionPoint |
|
| InjectionSink |
Used to represent location of a taint sink
|
| InjectionSource |
|
| InsecureSmtpSslDetector |
|
| InstructionDSL |
|
| InsufficientKeySizeBlowfishDetector |
|
| InsufficientKeySizeRsaDetector |
Similar to the Blowfish key size detector
|
| InterfaceUtils |
|
| IntuitiveHardcodePasswordDetector |
This detector finds what look like hard-coded passwords passed to unknown APIs.
|
| InvalidStateException |
|
| InvokeMatcherBuilder |
|
| JaxRsEndpointDetector |
JAX-RS (JSR 311) defines an API for REST services.
|
| JaxWsEndpointDetector |
JAX-WS (JSR 224) defines an API for SOAP web services.
|
| JschPasswordDetector |
Finds hard-coded passwords passed to the JSch library (SSH client)
|
| JspIncludeDetector |
|
| JspSpringEvalDetector |
|
| JspUtils |
|
| JstlExpressionWhiteLister |
This detector marks the return value of PageContextImpl.proprietaryEvaluate as safe for XSS in some very specific cases.
|
| JstlOutDetector |
|
| KotlinHardcodedPasswordEqualsDetector |
Detect:
|
| KotlinHardcodePasswordInMapDetector |
Detects hard-coded passwords in settings maps (key/value configurations constructed at runtime)
|
| LdapEntryPoisoningDetector |
LDAP Entry Poisoning
For more information:
https://www.blackhat.com/docs/us-16/materials/us-16-Munoz-A-Journey-From-JNDI-LDAP-Manipulation-To-RCE-wp.pdf
|
| LdapInjectionDetector |
|
| LegacyInjectionDetector |
Detector designed for extension to detect injection vulnerabilities using
the original mechanism with InjectionSource class
|
| MethodAndSink |
ClassMethodSignature and InjectionSink tuple
|
| ModificationAfterValidationDetector |
|
| NormalizationAfterValidationDetector |
|
| NullCipherDetector |
|
| ObjectDeserializationDetector |
Detect Java object deserialization
|
| OgnlInjectionDetector |
|
| OverlyPermissiveFilePermissionDetector |
|
| PathTraversalDetector |
|
| PebbleDetector |
|
| PermissiveCORSDetector |
|
| PersistentCookieDetector |
|
| PlayUnvalidatedRedirectDetector |
|
| PotentialValueTracker |
This class detects potential default values and records them in the Taint instance.
|
| PredictableRandomDetector |
|
| RedirectionSource |
|
| RedosAnnotationDetector |
Detects ReDoS in validation annotations.
|
| ReDosDetector |
This detector makes a minimal effort to find potential ReDoS.
|
| RegexRedosAnalyzer |
|
| RsaNoPaddingDetector |
|
| SamlIgnoreCommentsDetector |
More information on the vulnerability:
https://duo.com/blog/duo-finds-saml-vulnerabilities-affecting-multiple-implementations
https://github.com/spring-projects/spring-security-saml/issues/228
|
| ScalaSensitiveDataExposureDetector |
|
| SchemaFactoryDetector |
Detector for XML External Entity and External Schema processing in javax.xml.validation.SchemaFactory
|
| ScriptInjectionDetector |
|
| ServletEndpointDetector |
This detector covers the Servlet/HttpServlet API, which gives access to user input.
|
| SignatureParserWithGeneric |
Similar to edu.umd.cs.findbugs.ba.SignatureParser.
It supports the extraction of types in formats such as:
- java/util/List<java/lang/String> => java.util.List & java.lang.String
|
| SinksLoader |
The sanity of the sinks file is crucial (a typo == missed API == missed vulnerability).
|
| SinksLoader.InjectionPointReceiver |
Interface that imitates the lambda pattern.
|
| SmtpHeaderInjectionDetector |
|
| SpelViewDetector |
Detect a pattern that was found in multiple Spring components.
|
| SpringCsrfProtectionDisabledDetector |
Detects the disabling of Spring CSRF protection
|
| SpringCsrfUnrestrictedRequestMappingDetector |
Detects Spring CSRF unrestricted RequestMapping
|
| SpringEntityLeakDetector |
Detects persistent object leaks and mass update (mass assignment)
|
| SpringMvcEndpointDetector |
|
| SpringUnvalidatedRedirectDetector |
|
| SqlInjectionDetector |
|
| SslDisablerDetector |
|
| SSRFDetector |
|
| StackUtils |
|
| StaticIvDetector |
The main goal of this detector is to find encryption being done with a static initialization vector (IV).
|
| StdXmlTransformDetector |
Detect XSLT transformation.
|
| Struts1EndpointDetector |
|
| Struts2EndpointDetector |
|
| StrutsValidatorFormDetector |
|
| SuspiciousCommandDetector |
|
| Taint |
Representation of taint dataflow facts (dataflow values) for each slot in
TaintFrame
|
| Taint.State |
|
| Taint.Tag |
|
| TaintAnalysis |
Implements taint dataflow operations, in particular the meet of facts; the transfer
function is delegated to TaintFrameModelingVisitor
|
| TaintClassConfig |
Summary of information about a class related to taint analysis,
allows to configure default behavior for return types and type casts.
|
| TaintConfig |
Map of taint summaries for all known methods and classes.
This class extends HashMap:
- the key is the method signature (e.g.
  org/hibernate/Session.createQuery(Ljava/lang/String;)Lorg/hibernate/Query;)
- the value is the behavior of the method:
  "0" if the result takes its taint from parameter index 0,
  "UNKNOWN" if the result does not become tainted based on the arguments,
  "TAINTED" if the result must always be considered unsafe
|
| TaintConfigLoader |
Helper class for loading configured taint method and class summaries
|
| TaintConfigLoader.TaintConfigReceiver |
Specifies what to do for each loaded summary
|
| TaintDataflow |
Analysis object storing the result of taint analysis on a method
|
| TaintDataflowEngine |
Requests or creates the needed objects and executes the taint analysis,
extending the taint summaries with the analyzed methods
|
| TaintFieldConfig |
Summary of information about a class field related to taint analysis,
allows to configure default behavior for class fields.
|
| TaintFrame |
Representation of the dataflow value (fact) modeling taint state of local
variables and values on stack, consists of Taint values
|
| TaintFrameAdditionalVisitor |
|
| TaintFrameModelingVisitor |
Visitor to make instruction transfer of taint values easier
|
| TaintLocation |
Global comparable specification of a taint source (or path node) location
|
| TaintMethodConfig |
Summary of information about a method related to taint analysis.
For loading sinks files please see SinksLoader
|
| TaintMethodConfigWithArgumentsAndLocation |
Summary of information about a taint analysis method with configured arguments and location of the call.
Can be used to fine-tune false-positives in specific classes.
Examples:
javax/servlet/http/HttpServletRequest.getAttribute("applicationConstant"):SAFE@org/apache/jsp/edit_jsp
javax/servlet/http/HttpServletRequest.getAttribute(UNKNOWN):SAFE@org/apache/jsp/constants_jsp
|
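The summary line format described for TaintConfig above, and the call-site-qualified variant shown for TaintMethodConfigWithArgumentsAndLocation, are easy to mistype, and as the SinksLoader entry warns, a mistyped signature is a silently missed API. The following is an added example, not code from find-sec-bugs, of a small Python validator for lines in those two shapes. It assumes the behavior token is a parameter index, UNKNOWN, TAINTED or SAFE (SAFE appears in the location-qualified examples), treats lines starting with '#' as comments, and accepts an index equal to the parameter count so that a receiver-only line such as toString():0 passes; the real loader's richer grammar (several indices, tags) is not modelled. The sample configuration is constructed, and its last three lines are deliberately broken.

```python
"""Validator for find-sec-bugs-style taint summary lines (added example, not
project code). Accepts the two shapes described in the Javadoc:
  owner/Class.method(<JVM descriptor>)<return>:<behavior>
  owner/Class.method(<arg value>, ...):<behavior>@<call-site class>
Assumed here: behavior is a parameter index, UNKNOWN, TAINTED or SAFE;
'#' starts a comment; richer loader syntax (several indices, tags) is out of scope.
"""
import re
from typing import List, Tuple

BEHAVIORS = {"UNKNOWN", "TAINTED", "SAFE"}
_NAME = r"[A-Za-z_$][\w$]*(?:/[A-Za-z_$][\w$]*)*"
LINE_RE = re.compile(
    rf"^(?P<owner>{_NAME})\.(?P<method>[A-Za-z_$<][\w$>]*)"
    r"(?P<desc>\((?P<params>[^)]*)\)(?P<ret>[^:]*)):(?P<behavior>[^@]+)"
    rf"(?:@(?P<loc>{_NAME}))?$"
)


def _field_type_end(desc: str, i: int) -> int:
    """Return the index just past one JVM field descriptor starting at desc[i]."""
    while i < len(desc) and desc[i] == "[":  # array dimensions
        i += 1
    if i >= len(desc):
        raise ValueError("truncated descriptor")
    c = desc[i]
    if c in "BCDFIJSZ":  # primitive types
        return i + 1
    if c == "L":  # object type: Lpkg/Name;
        end = desc.find(";", i)
        name = desc[i + 1:end] if end != -1 else ""
        if not re.fullmatch(r"[\w$]+(?:/[\w$]+)*", name):
            raise ValueError(f"invalid class name at offset {i}")
        return end + 1
    raise ValueError(f"bad type character {c!r} at offset {i}")


def parse_method_descriptor(desc: str) -> int:
    """Validate a '(params)return' descriptor and return the parameter count."""
    if not desc.startswith("("):
        raise ValueError("descriptor must start with '('")
    i, count = 1, 0
    while i < len(desc) and desc[i] != ")":
        i = _field_type_end(desc, i)
        count += 1
    if i >= len(desc):
        raise ValueError("missing ')' in descriptor")
    i += 1
    if desc[i:] == "V":  # void return
        return count
    if _field_type_end(desc, i) != len(desc):
        raise ValueError("trailing characters after return type")
    return count


def parse_summary(line: str) -> dict:
    """Parse one summary line, raising ValueError on any typo."""
    m = LINE_RE.match(line.strip())
    if not m:
        raise ValueError(f"malformed summary: {line!r}")
    desc, behavior, loc = m["desc"], m["behavior"].strip(), m["loc"]
    if m["ret"]:
        nparams = parse_method_descriptor(desc)
    else:
        # Argument-value form: only meaningful together with a call-site location.
        if loc is None:
            raise ValueError(f"argument form requires @location: {line!r}")
        nparams = len([a for a in m["params"].split(",") if a.strip()])
    if behavior.isdigit():
        # Assumption: the receiver of an instance method counts as one extra
        # slot, so an index equal to nparams is accepted (e.g. toString():0).
        if int(behavior) > nparams:
            raise ValueError(f"parameter index {behavior} out of range: {line!r}")
    elif behavior not in BEHAVIORS:
        raise ValueError(f"unknown behavior {behavior!r}: {line!r}")
    return {"owner": m["owner"], "method": m["method"], "descriptor": desc,
            "behavior": behavior, "location": loc}


def validate_summaries(text: str) -> List[Tuple[int, str]]:
    """Return (line number, message) for every line that does not parse."""
    errors = []
    for n, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            parse_summary(line)
        except ValueError as e:
            errors.append((n, str(e)))
    return errors


# Constructed sample: lines 1-5 are well formed, lines 6-8 each carry a typo
# of the kind that would silently drop a summary or sink.
SAMPLE = """\
org/hibernate/Session.createQuery(Ljava/lang/String;)Lorg/hibernate/Query;:0
java/lang/StringBuilder.toString()Ljava/lang/String;:0
java/lang/Integer.parseInt(Ljava/lang/String;)I:SAFE
javax/servlet/http/HttpServletRequest.getAttribute("applicationConstant"):SAFE@org/apache/jsp/edit_jsp
javax/servlet/http/HttpServletRequest.getAttribute(UNKNOWN):SAFE@org/apache/jsp/constants_jsp
java/sql/Statement.executeQuery(Ljava/lang/String)Ljava/sql/ResultSet;:0
java/lang/String.trim()Ljava/lang/String;:TAINTD
javax/servlet/http/HttpServletRequest.getHeader(UNKNOWN):SAFE
"""
```

Running validate_summaries(SAMPLE) reports line 6 (missing ';' after the parameter class name), line 7 (misspelled behavior token) and line 8 (argument form without a call-site location); the first five lines pass. The descriptor walker is the part worth keeping: a signature that is one character off still looks like a method name to the eye, but it will never match the bytecode the analysis visits.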
| TaintTypeConfig |
Predecessor for method and class type summary configs
|
| TaintUtil |
|
| TapestryEndpointDetector |
Identify endpoints using the web framework Tapestry.
|
| TDesUsageDetector |
Ciphers identified:
DESede/CBC/NoPadding (168 bit)
DESede/CBC/PKCS5Padding (168 bit)
DESede/ECB/NoPadding (168 bit)
DESede/ECB/PKCS5Padding (168 bit)
Ref: partial list of ciphers
|
| TransformerFactoryDetector |
Currently the detector looks for a specific code sequence.
|
| TrustBoundaryViolationAttributeDetector |
Trust Boundary Violation is a fancy name for a tainted value passed directly to a session attribute.
|
| TrustBoundaryViolationValueDetector |
|
| UnencryptedServerSocketDetector |
|
| UnencryptedSocketDetector |
|
| UnknownSource |
|
| UnknownSourceType |
This enum documents the type of an unknown source.
|
| UnsafeJacksonDeserializationDetector |
Detect unsafe Jackson datatype deserialization
|
| UnvalidatedRedirectDetector |
|
| UrlRewritingDetector |
|
| ValidatorDetector |
Detector for XML External Entity and External Schema processing in javax.xml.validation.Validator
|
| VelocityDetector |
This detector does not use taint analysis, because it makes no sense to flag a template engine
built from a constant.
|
| WeakFilenameUtilsMethodDetector |
A few methods of org.apache.commons.io.FilenameUtils share a common weakness:
they do not properly filter null bytes.
|
| WeakMessageDigestDetector |
Identifies the use of the MD2, MD5 and SHA1 hash functions and recommends the
use of modern functions.
|
| WeakTLSDetector |
|
| WeakTrustManagerDetector |
The first reflex of developers who encounter web services whose certificates are not signed by a trusted CA
is often to trust all certificates.
|
| WebViewJavascriptEnabledDetector |
|
| WebViewJavascriptInterfaceDetector |
|
| WicketEndpointDetector |
Identify endpoints using the web framework Wicket.
|
| WicketXssComponentDetector |
Detects calls to the method setEscapeModelStrings on various Wicket components.
|
| WorldWritableDetector |
|
| XmlDecoderDetector |
|
| XmlInjectionDetector |
Detect string concatenation that appears to be constructing XML or HTML documents.
|
| XmlStreamReaderDetector |
Currently the detector looks for a specific code sequence.
|
| XPathInjectionDetector |
Detector for XPath injection
|
| XslTransformJspDetector |
|
| XssJspDetector |
|
| XssMvcApiDetector |
|
| XSSRequestWrapperDetector |
Various flavors of XSSRequestWrapper exist that perform debatable XSS prevention.
|
| XssServletDetector |
|
| XssTwirlDetector |
|
| XxeDetector |
The SaxParser uses the Xerces XML parser engine.
|