├── .github ├── ISSUE_TEMPLATE │ ├── Bug_report.md │ ├── Feature_request.md │ └── Support.md ├── codeql │ └── codeql-config.yml └── workflows │ ├── codeql-analysis.yml │ └── spotbugs.yml ├── .gitignore ├── .travis.yml ├── CHANGELOG.md ├── CONTRIBUTING.md ├── LGPL-3.0-header.txt ├── LGPL-3.0.txt ├── LICENSE ├── README.md ├── SECURITY.md ├── cli ├── .gitignore ├── README.md ├── build.gradle ├── findsecbugs.bat ├── findsecbugs.sh ├── gradle.properties └── include.xml ├── findsecbugs-plugin ├── derived-config.txt ├── pom.xml ├── src │ ├── main │ │ ├── java │ │ │ └── com │ │ │ │ └── h3xstream │ │ │ │ └── findsecbugs │ │ │ │ ├── BCELUtil.java │ │ │ │ ├── DangerousPermissionCombination.java │ │ │ │ ├── ExternalConfigurationControlDetector.java │ │ │ │ ├── FindSecBugsGlobalConfig.java │ │ │ │ ├── HttpResponseSplittingDetector.java │ │ │ │ ├── ImproperHandlingUnicodeDetector.java │ │ │ │ ├── ModificationAfterValidationDetector.java │ │ │ │ ├── NormalizationAfterValidationDetector.java │ │ │ │ ├── PermissiveCORSDetector.java │ │ │ │ ├── PredictableRandomDetector.java │ │ │ │ ├── ReDosDetector.java │ │ │ │ ├── RedosAnnotationDetector.java │ │ │ │ ├── RegexRedosAnalyzer.java │ │ │ │ ├── StrutsValidatorFormDetector.java │ │ │ │ ├── WeakFilenameUtilsMethodDetector.java │ │ │ │ ├── android │ │ │ │ ├── BroadcastDetector.java │ │ │ │ ├── ExternalFileAccessDetector.java │ │ │ │ ├── GeolocationDetector.java │ │ │ │ ├── WebViewJavascriptEnabledDetector.java │ │ │ │ ├── WebViewJavascriptInterfaceDetector.java │ │ │ │ └── WorldWritableDetector.java │ │ │ │ ├── common │ │ │ │ ├── ByteCode.java │ │ │ │ ├── InterfaceUtils.java │ │ │ │ ├── JspUtils.java │ │ │ │ ├── StackUtils.java │ │ │ │ ├── TaintUtil.java │ │ │ │ └── matcher │ │ │ │ │ ├── InstructionDSL.java │ │ │ │ │ └── InvokeMatcherBuilder.java │ │ │ │ ├── cookie │ │ │ │ ├── CookieFlagsDetector.java │ │ │ │ ├── CookieReadDetector.java │ │ │ │ ├── PersistentCookieDetector.java │ │ │ │ └── UrlRewritingDetector.java │ │ │ │ ├── crypto │ │ │ │ ├── BadHexadecimalConversionDetector.java │ │ │ │ ├── CipherWithNoIntegrityDetector.java │ │ │ │ ├── CustomMessageDigestDetector.java │ │ │ │ ├── ErrorMessageExposureDetector.java │ │ │ │ ├── EsapiEncryptorDetector.java │ │ │ │ ├── HazelcastSymmetricEncryptionDetector.java │ │ │ │ ├── InsecureSmtpSslDetector.java │ │ │ │ ├── InsufficientKeySizeBlowfishDetector.java │ │ │ │ ├── InsufficientKeySizeRsaDetector.java │ │ │ │ ├── NullCipherDetector.java │ │ │ │ ├── StaticIvDetector.java │ │ │ │ ├── UnencryptedServerSocketDetector.java │ │ │ │ ├── UnencryptedSocketDetector.java │ │ │ │ ├── WeakMessageDigestDetector.java │ │ │ │ ├── WeakTLSDetector.java │ │ │ │ ├── WeakTrustManagerDetector.java │ │ │ │ └── cipher │ │ │ │ │ ├── CipherDetector.java │ │ │ │ │ ├── DesUsageDetector.java │ │ │ │ │ ├── RsaNoPaddingDetector.java │ │ │ │ │ └── TDesUsageDetector.java │ │ │ │ ├── csrf │ │ │ │ ├── SpringCsrfProtectionDisabledDetector.java │ │ │ │ └── SpringCsrfUnrestrictedRequestMappingDetector.java │ │ │ │ ├── endpoint │ │ │ │ ├── JaxRsEndpointDetector.java │ │ │ │ ├── JaxWsEndpointDetector.java │ │ │ │ ├── ServletEndpointDetector.java │ │ │ │ ├── SpringMvcEndpointDetector.java │ │ │ │ ├── Struts1EndpointDetector.java │ │ │ │ ├── Struts2EndpointDetector.java │ │ │ │ ├── TapestryEndpointDetector.java │ │ │ │ └── WicketEndpointDetector.java │ │ │ │ ├── file │ │ │ │ ├── FileUploadFilenameDetector.java │ │ │ │ ├── OverlyPermissiveFilePermissionDetector.java │ │ │ │ ├── PathTraversalDetector.java │ │ │ │ └── SuspiciousCommandDetector.java │ │ │ │ ├── groovy │ │ │ │ └── GroovyShellDetector.java │ │ │ │ ├── injection │ │ │ │ ├── AbstractInjectionDetector.java │ │ │ │ ├── AbstractTaintDetector.java │ │ │ │ ├── BasicInjectionDetector.java │ │ │ │ ├── ClassMethodSignature.java │ │ │ │ ├── InjectionPoint.java │ │ │ │ ├── InjectionSink.java │ │ │ │ ├── InjectionSource.java │ │ │ │ ├── LegacyInjectionDetector.java │ │ │ │ ├── MethodAndSink.java │ │ │ │ ├── SinksLoader.java │ │ │ │ ├── aws │ │ │ │ │ └── AwsQueryInjectionDetector.java │ │ │ │ ├── beans │ │ │ │ │ └── BeanInjectionDetector.java │ │ │ │ ├── command │ │ │ │ │ └── CommandInjectionDetector.java │ │ │ │ ├── crlf │ │ │ │ │ └── CrlfLogInjectionDetector.java │ │ │ │ ├── custom │ │ │ │ │ └── CustomInjectionDetector.java │ │ │ │ ├── fileDisclosure │ │ │ │ │ └── FileDisclosureDetector.java │ │ │ │ ├── formatter │ │ │ │ │ └── FormatStringManipulationDetector.java │ │ │ │ ├── http │ │ │ │ │ └── HttpParameterPollutionDetector.java │ │ │ │ ├── ldap │ │ │ │ │ └── LdapInjectionDetector.java │ │ │ │ ├── redirect │ │ │ │ │ ├── RedirectionSource.java │ │ │ │ │ └── UnvalidatedRedirectDetector.java │ │ │ │ ├── script │ │ │ │ │ ├── OgnlInjectionDetector.java │ │ │ │ │ ├── ScriptInjectionDetector.java │ │ │ │ │ └── SpelViewDetector.java │ │ │ │ ├── smtp │ │ │ │ │ └── SmtpHeaderInjectionDetector.java │ │ │ │ ├── sql │ │ │ │ │ ├── AndroidSqlInjectionDetector.java │ │ │ │ │ └── SqlInjectionDetector.java │ │ │ │ ├── ssrf │ │ │ │ │ └── SSRFDetector.java │ │ │ │ ├── trust │ │ │ │ │ ├── TrustBoundaryViolationAttributeDetector.java │ │ │ │ │ ├── TrustBoundaryViolationValueDetector.java │ │ │ │ │ └── package-info.java │ │ │ │ └── xml │ │ │ │ │ └── XmlInjectionDetector.java │ │ │ │ ├── jsp │ │ │ │ ├── JspIncludeDetector.java │ │ │ │ ├── JspSpringEvalDetector.java │ │ │ │ ├── JstlOutDetector.java │ │ │ │ └── XslTransformJspDetector.java │ │ │ │ ├── kotlin │ │ │ │ ├── KotlinHardcodePasswordInMapDetector.java │ │ │ │ └── KotlinHardcodedPasswordEqualsDetector.java │ │ │ │ ├── ldap │ │ │ │ ├── AnonymousLdapDetector.java │ │ │ │ └── LdapEntryPoisoningDetector.java │ │ │ │ ├── password │ │ │ │ ├── AbstractHardcodePasswordInMapDetector.java │ │ │ │ ├── AbstractHardcodedPasswordEqualsDetector.java │ │ │ │ ├── ConstantPasswordDetector.java │ │ │ │ ├── GoogleApiKeyDetector.java │ │ │ │ ├── HardcodePasswordInMapDetector.java │ │ │ │ ├── HardcodedPasswordEqualsDetector.java │ │ │ │ ├── HashUnsafeEqualsDetector.java │ │ │ │ ├── IntuitiveHardcodePasswordDetector.java │ │ │ │ └── JschPasswordDetector.java │ │ │ │ ├── saml │ │ │ │ └── SamlIgnoreCommentsDetector.java │ │ │ │ ├── scala │ │ │ │ ├── PlayUnvalidatedRedirectDetector.java │ │ │ │ ├── ScalaSensitiveDataExposureDetector.java │ │ │ │ ├── SslDisablerDetector.java │ │ │ │ ├── XssMvcApiDetector.java │ │ │ │ └── XssTwirlDetector.java │ │ │ │ ├── serial │ │ │ │ ├── DeserializationGadgetDetector.java │ │ │ │ ├── ObjectDeserializationDetector.java │ │ │ │ └── UnsafeJacksonDeserializationDetector.java │ │ │ │ ├── spring │ │ │ │ ├── CorsRegistryCORSDetector.java │ │ │ │ ├── SignatureParserWithGeneric.java │ │ │ │ ├── SpringEntityLeakDetector.java │ │ │ │ └── SpringUnvalidatedRedirectDetector.java │ │ │ │ ├── taintanalysis │ │ │ │ ├── EngineRegistrar.java │ │ │ │ ├── InvalidStateException.java │ │ │ │ ├── Taint.java │ │ │ │ ├── TaintAnalysis.java │ │ │ │ ├── TaintClassConfig.java │ │ │ │ ├── TaintConfig.java │ │ │ │ ├── TaintConfigLoader.java │ │ │ │ ├── TaintDataflow.java │ │ │ │ ├── TaintDataflowEngine.java │ │ │ │ ├── TaintFieldConfig.java │ │ │ │ ├── TaintFrame.java │ │ │ │ ├── TaintFrameAdditionalVisitor.java │ │ │ │ ├── TaintFrameModelingVisitor.java │ │ │ │ ├── TaintMethodConfig.java │ │ │ │ ├── TaintMethodConfigWithArgumentsAndLocation.java │ │ │ │ ├── TaintTypeConfig.java │ │ │ │ ├── data │ │ │ │ │ ├── TaintLocation.java │ │ │ │ │ ├── UnknownSource.java │ │ │ │ │ └── UnknownSourceType.java │ │ │ │ └── extra │ │ │ │ │ ├── JstlExpressionWhiteLister.java │ │ │ │ │ └── PotentialValueTracker.java │ │ │ │ ├── template │ │ │ │ ├── FreemarkerDetector.java │ │ │ │ ├── PebbleDetector.java │ │ │ │ └── VelocityDetector.java │ │ │ │ ├── wicket │ │ │ │ └── WicketXssComponentDetector.java │ │ │ │ ├── xml │ │ │ │ ├── EnabledExtensionsInApacheXmlRpcDetector.java │ │ │ │ ├── SchemaFactoryDetector.java │ │ │ │ ├── StdXmlTransformDetector.java │ │ │ │ ├── TransformerFactoryDetector.java │ │ │ │ ├── ValidatorDetector.java │ │ │ │ ├── XmlDecoderDetector.java │ │ │ │ ├── XmlStreamReaderDetector.java │ │ │ │ └── XxeDetector.java │ │ │ │ ├── xpath │ │ │ │ ├── XPathInjectionDetector.java │ │ │ │ └── package-info.java │ │ │ │ └── xss │ │ │ │ ├── XSSRequestWrapperDetector.java │ │ │ │ ├── XssJspDetector.java │ │ │ │ └── XssServletDetector.java │ │ └── resources │ │ │ ├── injection-sinks │ │ │ ├── aws.txt │ │ │ ├── beans.txt │ │ │ ├── command-scala.txt │ │ │ ├── command.txt │ │ │ ├── crlf-logs.txt │ │ │ ├── el.txt │ │ │ ├── formatter.txt │ │ │ ├── http-parameter-pollution.txt │ │ │ ├── kotlin-path-traversal-in.txt │ │ │ ├── ldap.txt │ │ │ ├── path-traversal-in.txt │ │ │ ├── path-traversal-out.txt │ │ │ ├── requestdispatcher-file-disclosure.txt │ │ │ ├── response-splitting.txt │ │ │ ├── scala-path-traversal-in.txt │ │ │ ├── scala-path-traversal-out.txt │ │ │ ├── scala-play-ssrf.txt │ │ │ ├── script-engine.txt │ │ │ ├── seam-el.txt │ │ │ ├── sensitive-data-exposure-scala.txt │ │ │ ├── smtp.txt │ │ │ ├── spel.txt │ │ │ ├── spring-file-disclosure.txt │ │ │ ├── sql-android.txt │ │ │ ├── sql-hibernate.txt │ │ │ ├── sql-jdbc.txt │ │ │ ├── sql-jdo.txt │ │ │ ├── sql-jpa.txt │ │ │ ├── sql-scala-anorm.txt │ │ │ ├── sql-scala-slick.txt │ │ │ ├── sql-spring.txt │ │ │ ├── sql-turbine.txt │ │ │ ├── sql-vertx-sql-client.txt │ │ │ ├── struts-file-disclosure.txt │ │ │ ├── struts2.txt │ │ │ ├── trust-boundary-violation-attribute.txt │ │ │ ├── trust-boundary-violation-value.txt │ │ │ ├── urlconnection-ssrf.txt │ │ │ ├── xpath-apache.txt │ │ │ ├── xpath-javax.txt │ │ │ ├── xslt.txt │ │ │ ├── xss-jsp.txt │ │ │ ├── xss-scala-mvc-api.txt │ │ │ ├── xss-scala-twirl.txt │ │ │ └── xss-servlet.txt │ │ │ ├── metadata │ │ │ ├── META-INF │ │ │ │ └── MANIFEST.MF │ │ │ ├── findbugs.xml │ │ │ ├── messages.xml │ │ │ └── messages_ja.xml │ │ │ ├── password-methods │ │ │ └── password-methods-all.txt │ │ │ ├── safe-encoders │ │ │ ├── apache-commons.txt │ │ │ ├── other.txt │ │ │ └── owasp.txt │ │ │ └── taint-config │ │ │ ├── android-taint-sql.txt │ │ │ ├── collections.txt │ │ │ ├── dropwizard.txt │ │ │ ├── guava.txt │ │ │ ├── java-ee.txt │ │ │ ├── java-lang.txt │ │ │ ├── java-net.txt │ │ │ ├── jetty.txt │ │ │ ├── logging.txt │ │ │ ├── other.txt │ │ │ ├── portlet.txt │ │ │ ├── scala.txt │ │ │ ├── sonarqube.txt │ │ │ ├── struts2-taint.txt │ │ │ ├── taint-param-annotations.txt │ │ │ ├── taint-sensitive-data.txt │ │ │ ├── tainted-system-variables.txt │ │ │ └── wicket.txt │ └── test │ │ ├── java │ │ └── com │ │ │ └── h3xstream │ │ │ └── findsecbugs │ │ │ ├── DangerousPermissionCombinationTest.java │ │ │ ├── ExternalConfigurationControlDetectorTest.java │ │ │ ├── FindSecBugsGlobalConfigTest.java │ │ │ ├── HttpResponseSplittingDetectorTest.java │ │ │ ├── ImproperHandlingUnicodeDetectorTest.java │ │ │ ├── MetadataFilesValidationTest.java │ │ │ ├── ModificationAfterValidationTest.java │ │ │ ├── NormalizationAfterValidationTest.java │ │ │ ├── PermissiveCORSDetectorTest.java │ │ │ ├── PotentialValueDetectorTest.java │ │ │ ├── PredictableRandomDetectorScalaTest.java │ │ │ ├── PredictableRandomDetectorTest.java │ │ │ ├── ReDosDetectorTest.java │ │ │ ├── StringSubstitutorTest.java │ │ │ ├── StrutsValidatorFormDetectorTest.java │ │ │ ├── UnvalidatedRedirectDetectorTest.java │ │ │ ├── WeakFilenameUtilsMethodDetectorTest.java │ │ │ ├── XmlDecoderDetectorTest.java │ │ │ ├── android │ │ │ ├── BroadcastDetectorTest.java │ │ │ ├── ExternalFileAccessDetectorTest.java │ │ │ ├── GeolocationDetectorTest.java │ │ │ ├── WebViewJavascriptEnabledDetectorTest.java │ │ │ ├── WebViewJavascriptInterfaceDetectorTest.java │ │ │ └── WorldWritableDetectorTest.java │ │ │ ├── bugs │ │ │ ├── CoberturaCoverageTest.java │ │ │ ├── EnumUseInSql491Test.java │ │ │ ├── OutOfBoundMutableTest.java │ │ │ ├── OutOfBoundsLocalVariableIndex556Test.java │ │ │ ├── TaintAnalysisInJava8Github575Test.java │ │ │ ├── UnknownSourcesStringBuilderTest.java │ │ │ └── WebGoatCreateDb529Test.java │ │ │ ├── common │ │ │ ├── ByteCodeTest.java │ │ │ └── ByteCodeTraceTest.java │ │ │ ├── cookie │ │ │ ├── CookieFlagsDetectorTest.java │ │ │ ├── CookieReadDetectorTest.java │ │ │ ├── PersistentCookieDetectorTest.java │ │ │ └── UrlRewritingDetectorTest.java │ │ │ ├── crypto │ │ │ ├── BadHexadecimalConversionDetectorTest.java │ │ │ ├── CipherWithNoIntegrityDetectorTest.java │ │ │ ├── CustomMessageDigestDetectorTest.java │ │ │ ├── DesUsageDetectorTest.java │ │ │ ├── EcbModeDetectorTest.java │ │ │ ├── ErrorMessageExposureDetectorTest.java │ │ │ ├── EsapiEncryptorDetectorTest.java │ │ │ ├── HazelcastSymmetricEncryptionDetectorTest.java │ │ │ ├── InsecureSmtpSslDetectorTest.java │ │ │ ├── InsufficientKeySizeBlowfishDetectorTest.java │ │ │ ├── InsufficientKeySizeRsaDetectorTest.java │ │ │ ├── NullCipherDetectorTest.java │ │ │ ├── RsaNoPaddingDetectorTest.java │ │ │ ├── StaticIvDetectorTest.java │ │ │ ├── UnencryptedServerSocketDetectorTest.java │ │ │ ├── UnencryptedSocketDetectorTest.java │ │ │ ├── WeakMessageDigestDetectorTest.java │ │ │ ├── WeakTLSDetectorTest.java │ │ │ └── WeakTrustManagerDetectorTest.java │ │ │ ├── csrf │ │ │ ├── SpringCsrfProtectionDisabledDetectorTest.java │ │ │ └── SpringCsrfUnrestrictedRequestMappingDetectorTest.java │ │ │ ├── endpoint │ │ │ ├── JaxRsEndpointDetectorTest.java │ │ │ ├── JaxWsEndpointDetectorTest.java │ │ │ ├── ServletEndpointDetectorTest.java │ │ │ ├── SpringMvcEndpointDetectorTest.java │ │ │ ├── Struts1EndpointDetectorTest.java │ │ │ ├── Struts2EndpointDetectorTest.java │ │ │ ├── TapestryEndpointDetectorTest.java │ │ │ └── WicketEndpointDetectorTest.java │ │ │ ├── file │ │ │ ├── ConstantValueTest.java │ │ │ ├── FileUploadFilenameDetectorTest.java │ │ │ ├── NioPathTraversalTest.java │ │ │ ├── OverlyPermissiveFilePermissionDetectorTest.java │ │ │ ├── PathTraversalDetectorSeparatorFalsePositiveTest.java │ │ │ ├── PathTraversalDetectorTempFileTest.java │ │ │ └── PathTraversalDetectorTest.java │ │ │ ├── groovy │ │ │ └── GroovyShellDetectorTest.java │ │ │ ├── injection │ │ │ ├── SinkFilesValidationTest.java │ │ │ ├── aws │ │ │ │ └── AwsQueryInjectionDetectorTest.java │ │ │ ├── beans │ │ │ │ └── BeanInjectionDetectorTest.java │ │ │ ├── command │ │ │ │ ├── CommandInjectionDetectorAdvancedTest.java │ │ │ │ └── CommandInjectionDetectorTest.java │ │ │ ├── crlf │ │ │ │ └── CrlfLogInjectionDetectorTest.java │ │ │ ├── custom │ │ │ │ └── CustomInjectionDetectorTest.java │ │ │ ├── fileDisclosure │ │ │ │ └── FileDisclosureDetectorTest.java │ │ │ ├── formatter │ │ │ │ └── FormatStringManipulationDetectorTest.java │ │ │ ├── http │ │ │ │ └── HttpParameterPollutionDetectorTest.java │ │ │ ├── ldap │ │ │ │ ├── JndiLdapInjectionSourceAdditionalSignaturesTest.java │ │ │ │ ├── JndiLdapInjectionSourceTest.java │ │ │ │ └── UnboundIdLdapInjectionSourceTest.java │ │ │ ├── script │ │ │ │ ├── ElInjectionTest.java │ │ │ │ ├── OgnlInjectionDetectorTest.java │ │ │ │ ├── ScriptEngineInjectionTest.java │ │ │ │ ├── SeamLoggingDetectionTest.java │ │ │ │ ├── SpelInjectionTest.java │ │ │ │ └── SpelViewDetectorTest.java │ │ │ ├── smtp │ │ │ │ └── SmtpHeaderInjectionDetectorTest.java │ │ │ ├── sql │ │ │ │ ├── AndroidInjectionSourceTest.java │ │ │ │ ├── HibernateInjectionSourceTest.java │ │ │ │ ├── JdbcInjectionSourceTest.java │ │ │ │ ├── JdoInjectionSourceFilterTest.java │ │ │ │ ├── JdoInjectionSourceTest.java │ │ │ │ ├── JpaInjectionSourceTest.java │ │ │ │ ├── SpringJdbcOperationsAndTemplateTest.java │ │ │ │ ├── SpringJdbcWithMessageFormatTest.java │ │ │ │ ├── SpringPreparedStatementCreatorFactoryTest.java │ │ │ │ ├── SqlMethodUnknownSourceTest.java │ │ │ │ ├── TorqueSqlDetectorTest.java │ │ │ │ ├── TurbineSqlDetectorTest.java │ │ │ │ └── VertxSqlClientSqlDetectorTest.java │ │ │ ├── stringbuilder │ │ │ │ └── InjectionWithStringBuilderTest.java │ │ │ ├── trust │ │ │ │ └── TrustBoundaryViolationDetectorTest.java │ │ │ └── xml │ │ │ │ └── XmlInjectionTest.java │ │ │ ├── jsp │ │ │ ├── JspIncludeDetectorTest.java │ │ │ ├── JspSpringEvalDetectorTest.java │ │ │ ├── JstlExpressionWhiteListerTest.java │ │ │ ├── JstlOutDetectorTest.java │ │ │ ├── JstlOutDetectorWeblogicTest.java │ │ │ └── XslTransformJspDetectorTest.java │ │ │ ├── kotlin │ │ │ ├── IdentityFunctionCommandInjectionTest.java │ │ │ ├── KotlinHardcodePasswordInMapDetectorTest.java │ │ │ ├── KotlinHardcodedPasswordEqualsDetectorTest.java │ │ │ ├── KotlinPathTraversalDetectorTest.java │ │ │ └── StringManipulationCommandInjectionTest.java │ │ │ ├── ldap │ │ │ ├── AnonymousLdapDetectorTest.java │ │ │ ├── LdapEntryPoisoningDetectorTest.java │ │ │ └── SpringLdapInjectionTest.java │ │ │ ├── password │ │ │ ├── ConstantPasswordDetectorTest.java │ │ │ ├── GoogleApiKeyDetectorTest.java │ │ │ ├── HardcodePasswordInMapDetectorTest.java │ │ │ ├── HardcodedPasswordEqualsDetectorTest.java │ │ │ ├── HashUnsafeEqualsDetectorTest.java │ │ │ ├── IntuitiveHardcodePasswordDetectorTest.java │ │ │ └── JschPasswordDetectorTest.java │ │ │ ├── saml │ │ │ └── SamlIgnoreCommentsDetectorTest.java │ │ │ ├── scala │ │ │ ├── PlayUnvalidatedRedirectDetectorTest.java │ │ │ ├── SSRFDetectorTest.java │ │ │ ├── ScalaCommandInjectionDetectorTest.java │ │ │ ├── ScalaPathTraversalDetectorTest.java │ │ │ ├── ScalaSensitiveDataExposureDetectorTest.java │ │ │ ├── ScalaSqlInjectionAnormDetectorTest.java │ │ │ ├── ScalaSqlInjectionSlickDetectorTest.java │ │ │ ├── ScalaStringBuilderTaintTest.java │ │ │ ├── ScalaXssDetectorTest.java │ │ │ └── SslDisablerDetectorTest.java │ │ │ ├── serial │ │ │ ├── DeserializationGadgetDetectorTest.java │ │ │ ├── ObjectDeserializationDetectorTest.java │ │ │ └── UnsafeJacksonDeserializationDetectorTest.java │ │ │ ├── spring │ │ │ ├── CorsRegistryCORSDetectorTest.java │ │ │ ├── SpringEntityLeakDetectorTest.java │ │ │ └── SpringUnvalidatedRedirectDetectorTest.java │ │ │ ├── taintanalysis │ │ │ ├── BaseConfigValidation.java │ │ │ ├── CharacterTaintPropagationTest.java │ │ │ ├── JaxRsAnnotatedControllerTest.java │ │ │ ├── ParameterTaintBackPropagationTest.java │ │ │ ├── StaticContextTaintPropagationTest.java │ │ │ ├── StringConcatenationTest.java │ │ │ ├── TaintAnalysisTaintedByAnnotationTest.java │ │ │ ├── TaintConfigValidationTest.java │ │ │ ├── TaintCustomConfigTest.java │ │ │ ├── TaintCustomSinksTest.java │ │ │ ├── TaintDataflowEngineTest.java │ │ │ ├── TaintFrameTest.java │ │ │ └── TaintMethodConfigTest.java │ │ │ ├── template │ │ │ ├── FreemarkerDetectorTest.java │ │ │ ├── PebbleDetectorTest.java │ │ │ └── VelocityDetectorTest.java │ │ │ ├── wicket │ │ │ └── WicketXssComponentDetectorTest.java │ │ │ ├── xml │ │ │ ├── DocumentBuilderSafePropertyTest.java │ │ │ ├── EnabledExtensionsInApacheXmlRpcTest.java │ │ │ ├── SaxParserSafePropertyTest.java │ │ │ ├── SchemaFactoryDetectorTest.java │ │ │ ├── StdXmlTransformDetectorTest.java │ │ │ ├── TransformerFactoryDetectorTest.java │ │ │ ├── ValidatorDetectorTest.java │ │ │ ├── XmlReaderDetectorTest.java │ │ │ ├── XmlStreamReaderDetectorTest.java │ │ │ ├── XxeDetectorTest.java │ │ │ └── XxeDetectorXPathExpressionTest.java │ │ │ ├── xpath │ │ │ ├── XPathApacheXmlSecTest.java │ │ │ ├── XPathInjectionApacheXPathApiDetectorTest.java │ │ │ └── XPathInjectionJavaxDetectorTest.java │ │ │ └── xss │ │ │ ├── JspXssDetectorTest.java │ │ │ ├── OwaspBenchmarkTest.java │ │ │ ├── XSSRequestWrapperDetectorTest.java │ │ │ ├── XssPortletDetectorTest.java │ │ │ ├── XssResourceBundleTest.java │ │ │ ├── XssServletDetectorTest.java │ │ │ └── encoder │ │ │ └── ApacheCommonsLangTest.java │ │ └── resources │ │ ├── bytecode_samples │ │ ├── jsp_jstl_out_weblogic12.jar │ │ ├── scala_command_injection.jar │ │ ├── scala_path_traversal.jar │ │ ├── scala_play_openredirect.jar │ │ ├── scala_play_ssrf.jar │ │ ├── scala_random.jar │ │ ├── scala_sensitive_data_exposure.jar │ │ ├── scala_sql_injection.jar │ │ ├── scala_ssl_disabler.jar │ │ ├── scala_stringbuilder_taint.jar │ │ └── scala_xss.jar │ │ ├── com │ │ └── h3xstream │ │ │ └── findsecbugs │ │ │ ├── injection │ │ │ ├── custom │ │ │ │ └── CustomInjectionSource.txt │ │ │ └── xml │ │ │ │ └── CustomConfig.txt │ │ │ ├── jsp │ │ │ └── CustomWhiteList.txt │ │ │ ├── taintanalysis │ │ │ ├── CustomConfig.txt │ │ │ └── XPathCustomSinksConfig.txt │ │ │ └── xss │ │ │ └── CustomConfig.txt │ │ └── logback-test.xml └── test-dependencies.xml ├── findsecbugs-samples-deps ├── pom.xml └── src │ └── main │ ├── java │ ├── PluginDepsClassPathFinder.java │ ├── android │ │ ├── app │ │ │ └── Activity.java │ │ ├── content │ │ │ ├── BroadcastReceiver.java │ │ │ ├── ComponentCallbacks.java │ │ │ ├── ComponentCallbacks2.java │ │ │ ├── ContentProvider.java │ │ │ ├── ContentResolver.java │ │ │ ├── ContentValues.java │ │ │ ├── Context.java │ │ │ ├── ContextWrapper.java │ │ │ ├── Intent.java │ │ │ ├── OperationApplicationException.java │ │ │ ├── UriMatcher.java │ │ │ └── res │ │ │ │ └── Configuration.java │ │ ├── database │ │ │ ├── CharArrayBuffer.java │ │ │ ├── Cursor.java │ │ │ ├── DatabaseErrorHandler.java │ │ │ ├── DatabaseUtils.java │ │ │ ├── SQLException.java │ │ │ └── sqlite │ │ │ │ ├── SQLiteClosable.java │ │ │ │ ├── SQLiteCursorDriver.java │ │ │ │ ├── SQLiteDatabase.java │ │ │ │ ├── SQLiteException.java │ │ │ │ ├── SQLiteOpenHelper.java │ │ │ │ ├── SQLiteProgram.java │ │ │ │ ├── SQLiteQuery.java │ │ │ │ ├── SQLiteQueryBuilder.java │ │ │ │ ├── SQLiteStatement.java │ │ │ │ └── SQLiteTransactionListener.java │ │ ├── net │ │ │ └── Uri.java │ │ ├── os │ │ │ ├── Bundle.java │ │ │ ├── CancellationSignal.java │ │ │ ├── Environment.java │ │ │ ├── Handler.java │ │ │ ├── IBinder.java │ │ │ ├── Parcel.java │ │ │ ├── ParcelFileDescriptor.java │ │ │ ├── Parcelable.java │ │ │ └── UserHandle.java │ │ ├── support │ │ │ └── v4 │ │ │ │ └── content │ │ │ │ └── LocalBroadcastManager.java │ │ ├── util │ │ │ ├── Log.java │ │ │ └── Pair.java │ │ ├── view │ │ │ ├── ContextThemeWrapper.java │ │ │ └── View.java │ │ └── webkit │ │ │ ├── GeolocationPermissions.java │ │ │ ├── ValueCallback.java │ │ │ ├── WebChromeClient.java │ │ │ ├── WebSettings.java │ │ │ ├── WebView.java │ │ │ └── WebViewClient.java │ ├── com │ │ ├── amazonaws │ │ │ ├── auth │ │ │ │ └── BasicAWSCredentials.java │ │ │ └── services │ │ │ │ └── simpledb │ │ │ │ ├── AmazonSimpleDBClient.java │ │ │ │ └── model │ │ │ │ ├── SelectRequest.java │ │ │ │ └── SelectResult.java │ │ ├── fasterxml │ │ │ └── jackson │ │ │ │ ├── annotation │ │ │ │ └── JsonTypeInfo.java │ │ │ │ └── databind │ │ │ │ └── ObjectMapper.java │ │ ├── google │ │ │ └── common │ │ │ │ ├── base │ │ │ │ └── Optional.java │ │ │ │ ├── escape │ │ │ │ └── Escaper.java │ │ │ │ └── net │ │ │ │ ├── PercentEscaper.java │ │ │ │ └── UrlEscapers.java │ │ ├── hazelcast │ │ │ ├── config │ │ │ │ ├── Config.java │ │ │ │ ├── MapConfig.java │ │ │ │ ├── NetworkConfig.java │ │ │ │ └── SymmetricEncryptionConfig.java │ │ │ └── core │ │ │ │ ├── Hazelcast.java │ │ │ │ └── IMap.java │ │ ├── jcraft │ │ │ └── jsch │ │ │ │ ├── JSch.java │ │ │ │ └── JSchException.java │ │ ├── mitchellbosecke │ │ │ └── pebble │ │ │ │ ├── PebbleEngine.java │ │ │ │ └── template │ │ │ │ └── PebbleTemplate.java │ │ ├── opensymphony │ │ │ └── xwork2 │ │ │ │ ├── ognl │ │ │ │ ├── OgnlReflectionProvider.java │ │ │ │ └── OgnlUtil.java │ │ │ │ └── util │ │ │ │ ├── OgnlTextParser.java │ │ │ │ ├── TextParseUtil.java │ │ │ │ ├── TextParser.java │ │ │ │ ├── ValueStack.java │ │ │ │ └── reflection │ │ │ │ └── ReflectionProvider.java │ │ ├── sun │ │ │ └── jndi │ │ │ │ └── ldap │ │ │ │ └── LdapCtx.java │ │ ├── typesafe │ │ │ └── config │ │ │ │ └── Config.java │ │ └── unboundid │ │ │ └── ldap │ │ │ └── sdk │ │ │ ├── DereferencePolicy.java │ │ │ ├── Entry.java │ │ │ ├── LDAPConnection.java │ │ │ ├── LDAPException.java │ │ │ ├── LDAPInterface.java │ │ │ ├── ReadOnlyEntry.java │ │ │ ├── ResultCode.java │ │ │ ├── SearchResult.java │ │ │ ├── SearchResultEntry.java │ │ │ └── SearchScope.java │ ├── flexjson │ │ └── JSONSerializer.java │ ├── freemarker │ │ └── template │ │ │ ├── Configuration.java │ │ │ ├── ObjectWrapper.java │ │ │ ├── Template.java │ │ │ ├── TemplateException.java │ │ │ └── TemplateNodeModel.java │ ├── groovy │ │ └── lang │ │ │ ├── Closure.java │ │ │ ├── GroovyClassLoader.java │ │ │ ├── GroovyCodeSource.java │ │ │ ├── GroovyShell.java │ │ │ └── Script.java │ ├── io │ │ ├── dropwizard │ │ │ └── servlets │ │ │ │ └── Servlets.java │ │ └── vertx │ │ │ ├── core │ │ │ ├── AsyncResult.java │ │ │ ├── Future.java │ │ │ ├── Handler.java │ │ │ └── Vertx.java │ │ │ ├── ext │ │ │ ├── auth │ │ │ │ └── oauth2 │ │ │ │ │ └── OAuth2Options.java │ │ │ └── web │ │ │ │ ├── RoutingContext.java │ │ │ │ └── handler │ │ │ │ └── CSRFHandler.java │ │ │ └── sqlclient │ │ │ ├── PreparedQuery.java │ │ │ ├── PreparedStatement.java │ │ │ ├── Query.java │ │ │ ├── Row.java │ │ │ ├── RowSet.java │ │ │ ├── SqlClient.java │ │ │ └── SqlConnection.java │ ├── javax │ │ ├── el │ │ │ ├── ELContext.java │ │ │ ├── ELException.java │ │ │ ├── ELResolver.java │ │ │ ├── ExpressionFactory.java │ │ │ ├── FunctionMapper.java │ │ │ ├── MethodExpression.java │ │ │ └── ValueExpression.java │ │ ├── faces │ │ │ ├── application │ │ │ │ └── Application.java │ │ │ └── context │ │ │ │ └── FacesContext.java │ │ ├── jdo │ │ │ ├── Extent.java │ │ │ ├── JDOHelper.java │ │ │ ├── PersistenceManager.java │ │ │ ├── PersistenceManagerFactory.java │ │ │ └── Query.java │ │ ├── mail │ │ │ ├── Address.java │ │ │ ├── Authenticator.java │ │ │ ├── Message.java │ │ │ ├── MessagingException.java │ │ │ ├── Part.java │ │ │ ├── PasswordAuthentication.java │ │ │ ├── Service.java │ │ │ ├── Session.java │ │ │ ├── Transport.java │ │ │ └── internet │ │ │ │ ├── AddressException.java │ │ │ │ ├── InternetAddress.java │ │ │ │ └── MimeMessage.java │ │ ├── persistence │ │ │ ├── Entity.java │ │ │ ├── EntityManager.java │ │ │ ├── Id.java │ │ │ ├── Query.java │ │ │ ├── TypedQuery.java │ │ │ └── criteria │ │ │ │ └── CriteriaQuery.java │ │ ├── portlet │ │ │ ├── ActionRequest.java │ │ │ ├── BaseURL.java │ │ │ ├── ClientDataRequest.java │ │ │ ├── GenericPortlet.java │ │ │ ├── MimeResponse.java │ │ │ ├── PortletConfig.java │ │ │ ├── PortletException.java │ │ │ ├── PortletRequest.java │ │ │ ├── PortletResponse.java │ │ │ ├── RenderRequest.java │ │ │ ├── RenderResponse.java │ │ │ ├── ResourceRequest.java │ │ │ └── ResourceResponse.java │ │ ├── servlet │ │ │ ├── DispatcherType.java │ │ │ ├── Filter.java │ │ │ ├── FilterChain.java │ │ │ ├── RequestDispatcher.java │ │ │ ├── Servlet.java │ │ │ ├── ServletConfig.java │ │ │ ├── ServletContext.java │ │ │ ├── ServletException.java │ │ │ ├── ServletOutputStream.java │ │ │ ├── ServletRequest.java │ │ │ ├── ServletRequestWrapper.java │ │ │ ├── ServletResponse.java │ │ │ ├── http │ │ │ │ ├── Cookie.java │ │ │ │ ├── HttpServlet.java │ │ │ │ ├── HttpServletRequest.java │ │ │ │ ├── HttpServletRequestWrapper.java │ │ │ │ ├── HttpServletResponse.java │ │ │ │ ├── HttpServletResponseWrapper.java │ │ │ │ └── HttpSession.java │ │ │ └── jsp │ │ │ │ ├── HttpJspPage.java │ │ │ │ ├── JspApplicationContext.java │ │ │ │ ├── JspContext.java │ │ │ │ ├── JspException.java │ │ │ │ ├── JspFactory.java │ │ │ │ ├── JspPage.java │ │ │ │ ├── JspWriter.java │ │ │ │ ├── PageContext.java │ │ │ │ ├── SkipPageException.java │ │ │ │ ├── el │ │ │ │ └── FunctionMapper.java │ │ │ │ └── tagext │ │ │ │ ├── BodyContent.java │ │ │ │ ├── BodyTag.java │ │ │ │ ├── BodyTagSupport.java │ │ │ │ ├── IterationTag.java │ │ │ │ ├── JspTag.java │ │ │ │ ├── SimpleTag.java │ │ │ │ ├── SimpleTagSupport.java │ │ │ │ ├── Tag.java │ │ │ │ ├── TagSupport.java │ │ │ │ └── TryCatchFinally.java │ │ ├── validation │ │ │ └── constraints │ │ │ │ └── Pattern.java │ │ └── ws │ │ │ └── rs │ │ │ ├── GET.java │ │ │ ├── Path.java │ │ │ ├── PathParam.java │ │ │ └── core │ │ │ ├── CacheControl.java │ │ │ ├── EntityTag.java │ │ │ ├── GenericEntity.java │ │ │ ├── MediaType.java │ │ │ ├── MultivaluedMap.java │ │ │ ├── NewCookie.java │ │ │ ├── Response.java │ │ │ └── Variant.java │ ├── kotlin │ │ ├── Metadata.java │ │ └── jvm │ │ │ └── internal │ │ │ └── Intrinsics.java │ ├── ognl │ │ ├── ClassResolver.java │ │ ├── OgnlException.java │ │ └── TypeConverter.java │ ├── org │ │ ├── acegisecurity │ │ │ ├── Authentication.java │ │ │ └── context │ │ │ │ ├── GrantedAuthority.java │ │ │ │ ├── HttpSessionContextIntegrationFilter.java │ │ │ │ ├── SecurityContext.java │ │ │ │ └── SecurityContextHolder.java │ │ ├── apache │ │ │ ├── commons │ │ │ │ ├── beanutils │ │ │ │ │ ├── BeanUtils.java │ │ │ │ │ └── BeanUtilsBean.java │ │ │ │ ├── codec │ │ │ │ │ └── binary │ │ │ │ │ │ └── Hex.java │ │ │ │ ├── collections │ │ │ │ │ └── Transformer.java │ │ │ │ ├── collections4 │ │ │ │ │ ├── Transformer.java │ │ │ │ │ └── comparators │ │ │ │ │ │ └── TransformingComparator.java │ │ │ │ ├── fileupload │ │ │ │ │ ├── FileItem.java │ │ │ │ │ ├── FileUploadException.java │ │ │ │ │ ├── disk │ │ │ │ │ │ └── DiskFileItemFactory.java │ │ │ │ │ └── servlet │ │ │ │ │ │ └── ServletFileUpload.java │ │ │ │ ├── httpclient │ │ │ │ │ └── methods │ │ │ │ │ │ └── GetMethod.java │ │ │ │ ├── io │ │ │ │ │ └── input │ │ │ │ │ │ └── ClassLoaderObjectInputStream.java │ │ │ │ ├── lang │ │ │ │ │ ├── RandomStringUtils.java │ │ │ │ │ ├── StringEscapeUtils.java │ │ │ │ │ └── math │ │ │ │ │ │ ├── JVMRandom.java │ │ │ │ │ │ └── RandomUtils.java │ │ │ │ ├── lang3 │ │ │ │ │ ├── StringEscapeUtils.java │ │ │ │ │ └── text │ │ │ │ │ │ └── StrSubstitutor.java │ │ │ │ ├── mail │ │ │ │ │ ├── Email.java │ │ │ │ │ ├── HtmlEmail.java │ │ │ │ │ ├── ImageHtmlEmail.java │ │ │ │ │ ├── MultiPartEmail.java │ │ │ │ │ └── SimpleEmail.java │ │ │ │ └── text │ │ │ │ │ ├── StringEscapeUtils.java │ │ │ │ │ └── StringSubstitutor.java │ │ │ ├── http │ │ │ │ ├── HttpEntity.java │ │ │ │ ├── HttpResponse.java │ │ │ │ ├── client │ │ │ │ │ ├── HttpClient.java │ │ │ │ │ ├── methods │ │ │ │ │ │ ├── HttpGet.java │ │ │ │ │ │ └── HttpUriRequest.java │ │ │ │ │ └── utils │ │ │ │ │ │ └── URIBuilder.java │ │ │ │ └── impl │ │ │ │ │ └── client │ │ │ │ │ ├── CloseableHttpClient.java │ │ │ │ │ ├── DefaultHttpClient.java │ │ │ │ │ ├── HttpClients.java │ │ │ │ │ └── SystemDefaultHttpClient.java │ │ │ ├── jasper │ │ │ │ └── runtime │ │ │ │ │ ├── HttpJspBase.java │ │ │ │ │ ├── InstanceManagerFactory.java │ │ │ │ │ ├── JspSourceDependent.java │ │ │ │ │ ├── JspSourceImports.java │ │ │ │ │ ├── PageContextImpl.java │ │ │ │ │ └── ProtectedFunctionMapper.java │ │ │ ├── jetspeed │ │ │ │ └── portlet │ │ │ │ │ ├── PortletAdapter.java │ │ │ │ │ ├── PortletConfig.java │ │ │ │ │ ├── PortletException.java │ │ │ │ │ ├── PortletRequest.java │ │ │ │ │ ├── PortletResponse.java │ │ │ │ │ └── UnavailableException.java │ │ │ ├── struts │ │ │ │ ├── action │ │ │ │ │ ├── Action.java │ │ │ │ │ ├── ActionErrors.java │ │ │ │ │ ├── ActionForm.java │ │ │ │ │ ├── ActionForward.java │ │ │ │ │ ├── ActionMapping.java │ │ │ │ │ ├── ActionMessage.java │ │ │ │ │ └── ActionMessages.java │ │ │ │ └── validator │ │ │ │ │ └── ValidatorForm.java │ │ │ ├── struts2 │ │ │ │ ├── dispatcher │ │ │ │ │ ├── HttpParameters.java │ │ │ │ │ └── Parameter.java │ │ │ │ ├── util │ │ │ │ │ ├── StrutsUtil.java │ │ │ │ │ └── VelocityStrutsUtil.java │ │ │ │ └── views │ │ │ │ │ └── jsp │ │ │ │ │ └── ui │ │ │ │ │ └── OgnlTool.java │ │ │ ├── tapestry5 │ │ │ │ ├── annotations │ │ │ │ │ ├── OnEvent.java │ │ │ │ │ └── Persist.java │ │ │ │ └── corelib │ │ │ │ │ └── components │ │ │ │ │ └── Form.java │ │ │ ├── tomcat │ │ │ │ └── InstanceManager.java │ │ │ ├── torque │ │ │ │ └── util │ │ │ │ │ └── BasePeer.java │ │ │ ├── turbine │ │ │ │ ├── om │ │ │ │ │ ├── peer │ │ │ │ │ │ └── BasePeer.java │ │ │ │ │ └── security │ │ │ │ │ │ └── peer │ │ │ │ │ │ └── GroupPeer.java │ │ │ │ └── util │ │ │ │ │ └── db │ │ │ │ │ ├── Criteria.java │ │ │ │ │ └── pool │ │ │ │ │ └── DBConnection.java │ │ │ ├── velocity │ │ │ │ ├── VelocityContext.java │ │ │ │ ├── app │ │ │ │ │ ├── Velocity.java │ │ │ │ │ └── VelocityEngine.java │ │ │ │ └── context │ │ │ │ │ └── Context.java │ │ │ ├── wicket │ │ │ │ ├── Component.java │ │ │ │ ├── MarkupContainer.java │ │ │ │ ├── Page.java │ │ │ │ ├── markup │ │ │ │ │ └── html │ │ │ │ │ │ ├── WebComponent.java │ │ │ │ │ │ ├── WebPage.java │ │ │ │ │ │ └── basic │ │ │ │ │ │ └── Label.java │ │ │ │ ├── protocol │ │ │ │ │ └── http │ │ │ │ │ │ ├── ClientProperties.java │ │ │ │ │ │ ├── request │ │ │ │ │ │ └── WebClientInfo.java │ │ │ │ │ │ └── servlet │ │ │ │ │ │ └── ServletPartFileItem.java │ │ │ │ ├── request │ │ │ │ │ ├── IRequestParameters.java │ │ │ │ │ ├── Request.java │ │ │ │ │ ├── http │ │ │ │ │ │ └── WebRequest.java │ │ │ │ │ └── mapper │ │ │ │ │ │ └── parameter │ │ │ │ │ │ └── PageParameters.java │ │ │ │ └── util │ │ │ │ │ ├── string │ │ │ │ │ └── StringValue.java │ │ │ │ │ └── upload │ │ │ │ │ ├── FileItem.java │ │ │ │ │ ├── FileUploadException.java │ │ │ │ │ └── ServletFileUpload.java │ │ │ ├── xml │ │ │ │ └── security │ │ │ │ │ └── utils │ │ │ │ │ ├── JDKXPathAPI.java │ │ │ │ │ ├── XPathAPI.java │ │ │ │ │ └── XalanXPathAPI.java │ │ │ ├── xmlrpc │ │ │ │ ├── client │ │ │ │ │ └── XmlRpcClientConfigImpl.java │ │ │ │ └── server │ │ │ │ │ └── XmlRpcServerConfigImpl.java │ │ │ └── xpath │ │ │ │ ├── XPath.java │ │ │ │ └── XPathAPI.java │ │ ├── bouncycastle │ │ │ ├── asn1 │ │ │ │ ├── ASN1InputStream.java │ │ │ │ └── DERObject.java │ │ │ └── jce │ │ │ │ └── provider │ │ │ │ └── BouncyCastleProvider.java │ │ ├── codehaus │ │ │ └── groovy │ │ │ │ └── runtime │ │ │ │ └── ConversionHandler.java │ │ ├── eclipse │ │ │ └── jetty │ │ │ │ └── http │ │ │ │ ├── HttpCookie.java │ │ │ │ ├── HttpField.java │ │ │ │ ├── HttpFields.java │ │ │ │ ├── HttpHeader.java │ │ │ │ └── HttpURI.java │ │ ├── hibernate │ │ │ ├── Criteria.java │ │ │ ├── Query.java │ │ │ ├── SQLQuery.java │ │ │ ├── Session.java │ │ │ ├── SessionFactory.java │ │ │ ├── criterion │ │ │ │ ├── Criterion.java │ │ │ │ └── Restrictions.java │ │ │ └── type │ │ │ │ ├── StandardBasicTypes.java │ │ │ │ ├── StringType.java │ │ │ │ └── Type.java │ │ ├── jboss │ │ │ └── seam │ │ │ │ └── log │ │ │ │ └── Log.java │ │ ├── jetbrains │ │ │ └── annotations │ │ │ │ └── NotNull.java │ │ ├── opensaml │ │ │ └── xml │ │ │ │ └── parse │ │ │ │ ├── BasicParserPool.java │ │ │ │ ├── ParserPool.java │ │ │ │ └── StaticBasicParserPool.java │ │ ├── owasp │ │ │ ├── encoder │ │ │ │ ├── Encode.java │ │ │ │ └── tag │ │ │ │ │ ├── EncodingTag.java │ │ │ │ │ └── ForHtmlTag.java │ │ │ ├── esapi │ │ │ │ ├── ESAPI.java │ │ │ │ ├── Encoder.java │ │ │ │ ├── Encryptor.java │ │ │ │ ├── Validator.java │ │ │ │ ├── codecs │ │ │ │ │ ├── Codec.java │ │ │ │ │ └── WindowsCodec.java │ │ │ │ ├── crypto │ │ │ │ │ ├── CipherText.java │ │ │ │ │ └── PlainText.java │ │ │ │ └── errors │ │ │ │ │ ├── EncryptionException.java │ │ │ │ │ ├── IntrusionException.java │ │ │ │ │ └── ValidationException.java │ │ │ └── html │ │ │ │ ├── HtmlChangeListener.java │ │ │ │ └── PolicyFactory.java │ │ ├── slf4j │ │ │ └── Logger.java │ │ ├── sonarqube │ │ │ └── ws │ │ │ │ └── client │ │ │ │ ├── BaseRequest.java │ │ │ │ ├── Headers.java │ │ │ │ ├── Parameters.java │ │ │ │ └── WsRequest.java │ │ └── springframework │ │ │ ├── beans │ │ │ ├── BeanUtils.java │ │ │ └── factory │ │ │ │ └── annotation │ │ │ │ ├── Autowired.java │ │ │ │ ├── Qualifier.java │ │ │ │ └── Value.java │ │ │ ├── boot │ │ │ ├── CommandLineRunner.java │ │ │ ├── SpringApplication.java │ │ │ └── autoconfigure │ │ │ │ ├── SpringBootApplication.java │ │ │ │ └── web │ │ │ │ ├── ErrorAttributes.java │ │ │ │ └── ErrorController.java │ │ │ ├── configurable │ │ │ └── ConfigurableApplicationContext.java │ │ │ ├── context │ │ │ ├── ApplicationContext.java │ │ │ ├── annotation │ │ │ │ └── Bean.java │ │ │ └── expression │ │ │ │ └── MapAccessor.java │ │ │ ├── core │ │ │ ├── annotation │ │ │ │ └── AliasFor.java │ │ │ └── io │ │ │ │ └── InputStreamSource.java │ │ │ ├── dao │ │ │ └── DataAccessException.java │ │ │ ├── expression │ │ │ ├── EvaluationContext.java │ │ │ ├── Expression.java │ │ │ ├── ExpressionException.java │ │ │ ├── ExpressionParser.java │ │ │ ├── ParseException.java │ │ │ ├── ParserContext.java │ │ │ ├── PropertyAccessor.java │ │ │ ├── common │ │ │ │ └── TemplateAwareExpressionParser.java │ │ │ └── spel │ │ │ │ ├── standard │ │ │ │ └── SpelExpressionParser.java │ │ │ │ └── support │ │ │ │ └── StandardEvaluationContext.java │ │ │ ├── jdbc │ │ │ ├── core │ │ │ │ ├── BatchPreparedStatementSetter.java │ │ │ │ ├── BatchUpdateUtils.java │ │ │ │ ├── CallableStatementCallback.java │ │ │ │ ├── CallableStatementCreator.java │ │ │ │ ├── JdbcOperations.java │ │ │ │ ├── JdbcTemplate.java │ │ │ │ ├── ParameterizedPreparedStatementSetter.java │ │ │ │ ├── PreparedStatementCallback.java │ │ │ │ ├── PreparedStatementCreator.java │ │ │ │ ├── PreparedStatementCreatorFactory.java │ │ │ │ ├── PreparedStatementSetter.java │ │ │ │ ├── ResultSetExtractor.java │ │ │ │ ├── RowCallbackHandler.java │ │ │ │ ├── RowMapper.java │ │ │ │ ├── SqlParameter.java │ │ │ │ ├── StatementCallback.java │ │ │ │ └── namedparam │ │ │ │ │ └── NamedParameterBatchUpdateUtils.java │ │ │ └── support │ │ │ │ └── rowset │ │ │ │ └── SqlRowSet.java │ │ │ ├── ldap │ │ │ └── core │ │ │ │ ├── AttributesMapper.java │ │ │ │ ├── ContextMapper.java │ │ │ │ ├── DefaultNameClassPairMapper.java │ │ │ │ ├── DirContextProcessor.java │ │ │ │ ├── IncrementalAttributesMapper.java │ │ │ │ ├── LdapEntryIdentification.java │ │ │ │ ├── LdapEntryIdentificationContextMapper.java │ │ │ │ ├── LdapOperations.java │ │ │ │ ├── LdapTemplate.java │ │ │ │ ├── NameClassPairCallbackHandler.java │ │ │ │ ├── NameClassPairMapper.java │ │ │ │ └── support │ │ │ │ ├── CountNameClassPairCallbackHandler.java │ │ │ │ └── DefaultIncrementalAttributesMapper.java │ │ │ ├── security │ │ │ ├── config │ │ │ │ └── annotation │ │ │ │ │ ├── SecurityBuilder.java │ │ │ │ │ ├── SecurityConfigurer.java │ │ │ │ │ ├── SecurityConfigurerAdapter.java │ │ │ │ │ └── web │ │ │ │ │ ├── builders │ │ │ │ │ └── HttpSecurity.java │ │ │ │ │ ├── configuration │ │ │ │ │ ├── EnableWebSecurity.java │ │ │ │ │ └── WebSecurityConfigurerAdapter.java │ │ │ │ │ └── configurers │ │ │ │ │ ├── AbstractHttpConfigurer.java │ │ │ │ │ └── CsrfConfigurer.java │ │ │ ├── core │ │ │ │ ├── Authentication.java │ │ │ │ ├── GrantedAuthority.java │ │ │ │ └── context │ │ │ │ │ ├── SecurityContext.java │ │ │ │ │ └── SecurityContextHolder.java │ │ │ └── oauth2 │ │ │ │ ├── config │ │ │ │ └── annotation │ │ │ │ │ ├── builders │ │ │ │ │ ├── ClientDetailsServiceBuilder.java │ │ │ │ │ └── InMemoryClientDetailsServiceBuilder.java │ │ │ │ │ ├── configurers │ │ │ │ │ └── ClientDetailsServiceConfigurer.java │ │ │ │ │ └── web │ │ │ │ │ └── configuration │ │ │ │ │ ├── AuthorizationServerConfigurer.java │ │ │ │ │ ├── AuthorizationServerConfigurerAdapter.java │ │ │ │ │ └── EnableAuthorizationServer.java │ │ │ │ └── provider │ │ │ │ └── ClientDetailsService.java │ │ │ ├── stereotype │ │ │ └── Controller.java │ │ │ ├── util │ │ │ ├── PropertyPlaceholderHelper.java │ │ │ ├── ReflectionUtils.java │ │ │ └── StringUtils.java │ │ │ ├── validation │ │ │ └── Errors.java │ │ │ └── web │ │ │ ├── bind │ │ │ └── annotation │ │ │ │ ├── DeleteMapping.java │ │ │ │ ├── GetMapping.java │ │ │ │ ├── ModelAttribute.java │ │ │ │ ├── PatchMapping.java │ │ │ │ ├── PathVariable.java │ │ │ │ ├── PostMapping.java │ │ │ │ ├── PutMapping.java │ │ │ │ ├── RequestBody.java │ │ │ │ ├── RequestHeader.java │ │ │ │ ├── RequestMapping.java │ │ │ │ ├── RequestMethod.java │ │ │ │ ├── RequestParam.java │ │ │ │ ├── RequestPart.java │ │ │ │ └── ValueConstants.java │ │ │ ├── context │ │ │ └── request │ │ │ │ ├── RequestAttributes.java │ │ │ │ └── ServletRequestAttributes.java │ │ │ ├── filter │ │ │ └── RequestContextFilter.java │ │ │ ├── multipart │ │ │ └── MultipartFile.java │ │ │ ├── servlet │ │ │ ├── ModelAndView.java │ │ │ ├── View.java │ │ │ ├── config │ │ │ │ └── annotation │ │ │ │ │ ├── CorsRegistration.java │ │ │ │ │ ├── CorsRegistry.java │ │ │ │ │ └── WebMvcConfigurer.java │ │ │ ├── support │ │ │ │ ├── RequestContext.java │ │ │ │ └── ServletUriComponentsBuilder.java │ │ │ └── tags │ │ │ │ ├── ArgumentTag.java │ │ │ │ ├── BindErrorsTag.java │ │ │ │ ├── BindTag.java │ │ │ │ ├── EditorAwareTag.java │ │ │ │ ├── EscapeBodyTag.java │ │ │ │ ├── EvalTag.java │ │ │ │ ├── HtmlEscapeTag.java │ │ │ │ ├── HtmlEscapingAwareTag.java │ │ │ │ ├── MessageTag.java │ │ │ │ ├── Param.java │ │ │ │ ├── ParamAware.java │ │ │ │ ├── ParamTag.java │ │ │ │ ├── RequestContextAwareTag.java │ │ │ │ ├── ThemeTag.java │ │ │ │ ├── TransformTag.java │ │ │ │ └── UrlTag.java │ │ │ └── util │ │ │ ├── HtmlUtils.java │ │ │ ├── JavaScriptUtils.java │ │ │ ├── UriComponents.java │ │ │ └── UriComponentsBuilder.java │ ├── scala │ │ ├── Long.java │ │ ├── Option.java │ │ ├── StringContext.java │ │ ├── Tuple2.java │ │ ├── collection │ │ │ └── mutable │ │ │ │ └── StringBuilder.java │ │ └── util │ │ │ └── Random.java │ └── sun │ │ └── security │ │ └── provider │ │ └── DSAPublicKeyImpl.java │ └── resources │ └── META-INF │ └── spring.tld ├── findsecbugs-samples-java ├── pom.xml └── src │ └── test │ ├── java │ └── testcode │ │ ├── ApacheXmlRpc.java │ │ ├── AwsQueryInjection.java │ │ ├── BeanInjection.java │ │ ├── DbCatalog.java │ │ ├── FormatStringManipulation.java │ │ ├── HttpParameterPollution.java │ │ ├── HttpParameterPollutionFalsePositive.java │ │ ├── InsecureRandom.java │ │ ├── Logging.java │ │ ├── Pattern.java │ │ ├── RedosInPatternAnnotation.java │ │ ├── ResponseSplittingServlet.java │ │ ├── UnvalidatedRedirectServlet.java │ │ ├── UrlConnectionSSRF.java │ │ ├── VariousRedos.java │ │ ├── WeakFilenameUtils.java │ │ ├── android │ │ ├── BroadcastIntentActivity.java │ │ ├── CustomLocalBroadcastManager.java │ │ ├── ExternalFileAccessActivity.java │ │ ├── GeolocationActivity.java │ │ ├── R.java │ │ ├── WebViewJavascriptEnabledActivity.java │ │ ├── WebViewJavascriptInterfaceActivity.java │ │ └── WorldWritableActivity.java │ │ ├── bugs │ │ ├── BenchmarkTest00051.java │ │ ├── EnumUseInSql491.java │ │ ├── OutOfBoundMutableSample.java │ │ ├── OutOfBoundsLocalVariableIndex556.java │ │ ├── SeparateClassRequest.java │ │ ├── SomeEnum.java │ │ └── WebGoatCreateDb529.java │ │ ├── command │ │ ├── CommandInjection.java │ │ ├── CommandInjectionSafe.java │ │ ├── CommandInjectionSuspicious.java │ │ ├── InterfaceWithSink.java │ │ ├── MoreMethods.java │ │ └── SubClass.java │ │ ├── cookie │ │ ├── CookieUsage.java │ │ ├── HttpOnlyCookieSamples.java │ │ ├── InsecureCookieSamples.java │ │ ├── PersistentCookie.java │ │ └── UrlRewriting.java │ │ ├── cors │ │ ├── PermissiveCORS.java │ │ ├── SpringPermissiveCORSInsecure.java │ │ └── SpringPermissiveCORSSecure.java │ │ ├── crypto │ │ ├── BadHexa.java │ │ ├── BlockCipherList.java │ │ ├── CipherNoIntegrity.java │ │ ├── CipherNoIntegrityBugFixRsa.java │ │ ├── CustomMessageDigest.java │ │ ├── DesKeyGeneration.java │ │ ├── ErrorMessages.java │ │ ├── EsapiCrypto.java │ │ ├── HazelcastSymmetric.java │ │ ├── InsecureSmtpSsl.java │ │ ├── InsufficientKeySizeBlowfish.java │ │ ├── InsufficientKeySizeRsa.java │ │ ├── NullCipherUse.java │ │ ├── RsaNoPadding.java │ │ ├── UnencryptedServerSocket.java │ │ ├── UnencryptedSocket.java │ │ ├── WeakMessageDigest.java │ │ ├── WeakMessageDigestAdditionalSig.java │ │ ├── WeakTLSProtocol.java │ │ ├── iv │ │ │ ├── ConstantIv.java │ │ │ ├── SafeApacheCamelCipherPair.java │ │ │ ├── SafeIvGeneration.java │ │ │ ├── StaticIvDecrypt.java │ │ │ ├── StaticIvUnwrap.java │ │ │ ├── StaticIvWrap.java │ │ │ └── StaticVariableIv.java │ │ └── ssldisabler │ │ │ ├── AllHosts.java │ │ │ ├── SecurityBypasser.java │ │ │ ├── SslDisablerUsage.java │ │ │ ├── TrustAllManager.java │ │ │ └── package-info.java │ │ ├── csrf │ │ ├── SafeSpringCsrfRequestMappingController.java │ │ ├── SpringCsrfProtectionDisabled.java │ │ └── UnsafeSpringCsrfRequestMappingController.java │ │ ├── endpoint │ │ ├── BasicHttpServlet.java │ │ ├── BasicServlet.java │ │ ├── JaxRsService.java │ │ ├── JaxWsService.java │ │ └── SpringTestController.java │ │ ├── file │ │ ├── FileDisclosure.java │ │ ├── FileUploadCommon.java │ │ ├── FileUploadWicket.java │ │ └── permissions │ │ │ ├── CommandExecChmod.java │ │ │ └── JavaNioPosixApi.java │ │ ├── gadget │ │ ├── MaliciousPayload.java │ │ ├── SuperMap.java │ │ └── cachedata │ │ │ ├── CacheData.java │ │ │ ├── FileCacheData.java │ │ │ └── SpecialCacheData.java │ │ ├── googlemaps │ │ ├── Base64.java │ │ ├── GoogleMapsSigUtil.java │ │ └── UrlSigner.java │ │ ├── graph │ │ ├── Application.java │ │ ├── MainStart.java │ │ ├── WelcomeController.java │ │ └── XmlService.java │ │ ├── groovy │ │ └── GroovyShellUsage.java │ │ ├── juliet │ │ ├── CWE113_HTTP_Response_Splitting__File_addCookieServlet_12.java │ │ ├── CWE90_LDAP_Injection__File_68a.java │ │ ├── CWE90_LDAP_Injection__File_68b.java │ │ └── IO.java │ │ ├── ldap │ │ ├── AnonymousLdap.java │ │ ├── JndiLdap.java │ │ ├── JndiLdapAdditionalSignature.java │ │ ├── JndiLdapSpecial.java │ │ ├── LdapEntryPoisoning.java │ │ ├── SpringLdap.java │ │ └── UnboundIdLdap.java │ │ ├── logging │ │ ├── SensitiveLogging.java │ │ └── Slf4jSample.java │ │ ├── modify_validate │ │ ├── ModifyAfter.java │ │ └── ModifyBefore.java │ │ ├── normalize │ │ ├── NormalizeAfter.java │ │ └── NormalizeBefore.java │ │ ├── oauth │ │ ├── SpringServerConfig.java │ │ └── VertxOauth2Config.java │ │ ├── pages │ │ ├── Index.java │ │ └── TapestryPage.java │ │ ├── password │ │ ├── ConstantPasswords.java │ │ ├── EqualsPasswordField.java │ │ ├── JdbcDriverConnection.java │ │ ├── JndiProperties.java │ │ ├── JschSshPassword.java │ │ ├── UnsafeCompareHash.java │ │ ├── VariousMap.java │ │ └── customapi │ │ │ ├── HardCodeSample.java │ │ │ └── Vault.java │ │ ├── pathtraversal │ │ ├── NioPathTraversal.java │ │ ├── PathTraversal.java │ │ ├── PathTraversalConstantValue.java │ │ ├── PathTraversalSeparatorFalsePositive.java │ │ └── PathTraversalTempDirectory.java │ │ ├── permission │ │ ├── ReflectPermissionNewProxyInPackage.java │ │ ├── ReflectPermissionSuppressAccessChecks.java │ │ ├── RuntimePermissionCreateClassLoader.java │ │ └── RuntimePermissionGetClassLoader.java │ │ ├── potential │ │ ├── PotentialAlgorithm.java │ │ └── PotentialHardcodePassword.java │ │ ├── saml │ │ ├── BufferHandler.java │ │ ├── SafeComments.java │ │ ├── UnsafeComments.java │ │ ├── XmlIgnoreCommentsDocumentParser.java │ │ └── XmlIgnoreCommentsSaxParser.java │ │ ├── script │ │ ├── ElExpressionSample.java │ │ ├── ScriptEngineSample.java │ │ ├── SeamLogging.java │ │ ├── SpelSample.java │ │ └── ognl │ │ │ ├── OgnlReflectionProviderSample.java │ │ │ ├── OgnlUtilSample.java │ │ │ ├── StrutsTaintedApi.java │ │ │ ├── TextParserSample.java │ │ │ └── ValueStackSample.java │ │ ├── serial │ │ ├── JacksonSerialisationFalsePositive.java │ │ ├── ObjectDeserialization.java │ │ ├── ObjectDeserializationFalsePositive1.java │ │ ├── ObjectDeserializationFalsePositive2.java │ │ ├── ObjectInputSig.java │ │ ├── UnsafeJacksonObjectDeserialization.java │ │ ├── commonscollections4 │ │ │ └── InvokerTransformer.java │ │ ├── groovy │ │ │ ├── ConversionHandler.java │ │ │ └── ConvertedClosure.java │ │ └── spring │ │ │ ├── MethodInvokeTypeProvider.java │ │ │ └── TypeProvider.java │ │ ├── sessionfilter │ │ ├── AcegiSafeSessionFilter.java │ │ ├── AcegiUnSafeSessionFilter.java │ │ ├── SpringSafeSessionFilter.java │ │ └── SpringUnSafeSessionFilter.java │ │ ├── smtp │ │ └── SmtpClient.java │ │ ├── spelviewinjection │ │ ├── SpelView.java │ │ └── VerboseErrorController.java │ │ ├── spring │ │ ├── SampleEntity.java │ │ ├── SampleEntityTwo.java │ │ ├── SpringEntityLeakController.java │ │ ├── SpringEntityLeakControllerInterface.java │ │ └── SpringUnvalidatedRedirectController.java │ │ ├── sqli │ │ ├── CustomInjection.java │ │ ├── HibernateSql.java │ │ ├── Jdbc.java │ │ ├── JdoSql.java │ │ ├── JdoSqlFilter.java │ │ ├── JpaSql.java │ │ ├── SpringBatchUpdateUtils.java │ │ ├── SpringJdbcOperations.java │ │ ├── SpringJdbcTemplate.java │ │ ├── SpringPreparedStatementCreatorFactory.java │ │ ├── UserEntity.java │ │ ├── VertxSqlClient.java │ │ ├── android │ │ │ ├── AndroidContentProviderUsage.java │ │ │ ├── AndroidSql.java │ │ │ ├── LocalProvider.java │ │ │ └── NullContentProvider.java │ │ ├── msgformat │ │ │ ├── SpringJdbcWithMessageFormatFP.java │ │ │ └── SpringJdbcWithMessageFormatVulnerable.java │ │ ├── source │ │ │ └── MethodUnknownSource.java │ │ ├── stringbuilder │ │ │ ├── StringBuilderFalsePositive.java │ │ │ └── StringBuilderSuspicious.java │ │ └── turbine │ │ │ ├── SomePeer.java │ │ │ ├── TorqueSql.java │ │ │ └── TurbineSql.java │ │ ├── strsubstitutor │ │ ├── StringSubstitutorSafe.java │ │ └── StringSubstitutorUnsafe.java │ │ ├── struts1 │ │ ├── FormWithValidation.java │ │ ├── FormWithoutValidation1.java │ │ ├── FormWithoutValidation2.java │ │ ├── StrutsV1Action.java │ │ └── TestForm.java │ │ ├── struts2 │ │ └── StrutsV2Endpoint.java │ │ ├── taint │ │ ├── CharacterTaintPropagation.java │ │ ├── CommentDto.java │ │ ├── JaxRsAnnotatedController.java │ │ ├── ParameterTaintBackPropagation.java │ │ ├── SafeTaintedByAnnotationEndpoint.java │ │ ├── StaticContextTaintPropagation.java │ │ ├── UnsafeTaintedByAnnotationEndpoint.java │ │ └── VariousTaintedAnnotation.java │ │ ├── template │ │ ├── FreemarkerUsage.java │ │ ├── PebbleUsage.java │ │ └── VelocityUsage.java │ │ ├── trust │ │ ├── TrustBoundaryViolation.java │ │ └── TrustBoundaryViolationAttribute.java │ │ ├── trustmanager │ │ ├── KeyStoresTrustManager.java │ │ └── WeakTrustManager.java │ │ ├── unicode │ │ ├── RiskyCaseMappingSample.java │ │ ├── RiskyNormalizationSample.java │ │ ├── UnmappedCharacters.java │ │ └── Utils.java │ │ ├── util │ │ └── HexUtil.java │ │ ├── wicket │ │ ├── WicketWebPage.java │ │ ├── XssSafeWicketExamplePage.java │ │ ├── XssUnknownWicketExamplePage.java │ │ └── XssWicketExamplePage.java │ │ ├── xml │ │ └── XmlInjection.java │ │ ├── xmldecoder │ │ └── XmlDecodeUtil.java │ │ ├── xpath │ │ ├── XPathApacheXPathApi.java │ │ ├── XPathApacheXmlSec.java │ │ ├── XPathBadApi.java │ │ ├── XPathJavax.java │ │ ├── XPathJavaxCustomSafe.java │ │ ├── XPathJavaxCustomSinks.java │ │ ├── XPathJavaxSafe.java │ │ ├── XPathSuperSecureUtil.java │ │ └── XmlUtils.java │ │ ├── xsl │ │ └── StdXmlTransform.java │ │ ├── xss │ │ ├── ByPassExamplePoc.java │ │ ├── FalsePositiveRequestWrapper.java │ │ ├── XSSRequestWrapper.java │ │ ├── XSSRequestWrapper2.java │ │ ├── benchmark │ │ │ └── Benchmark00013.java │ │ ├── encoder │ │ │ ├── ApacheCommonsLang26.java │ │ │ ├── ApacheCommonsLang3.java │ │ │ └── ApacheCommonsText.java │ │ ├── portlets │ │ │ ├── XssIbmPortlet.java │ │ │ └── XssPortlet.java │ │ └── servlets │ │ │ ├── XssServlet1.java │ │ │ ├── XssServlet2.java │ │ │ ├── XssServlet3.java │ │ │ ├── XssServlet4.java │ │ │ ├── XssServlet5.java │ │ │ ├── XssServlet6.java │ │ │ └── XssServlet7.java │ │ └── xxe │ │ ├── DocumentBuilderSafeProperty.java │ │ ├── DocumentBuilderVulnerable.java │ │ ├── SaxParserSafeEntityResolver.java │ │ ├── SaxParserSafePrivilegedExceptionAction.java │ │ ├── SaxParserSafeProperty.java │ │ ├── SaxParserVulnerable.java │ │ ├── XmlReaderSafeProperty.java │ │ ├── XmlReaderVulnerable.java │ │ ├── schema │ │ ├── SchemaFactorySafeAccessExternalDisabled.java │ │ ├── SchemaFactorySafeFeatureSecureProcessing.java │ │ ├── SchemaFactoryVulnerableExternalEntityRef.java │ │ └── SchemaFactoryVulnerableExternalSchemaLocation.java │ │ ├── transformerfactory │ │ ├── SaxTransformerFactoryVulnerable.java │ │ ├── TransformerFactorySafe.java │ │ └── TransformerFactoryVulnerable.java │ │ ├── util │ │ └── PrintHandler.java │ │ ├── validator │ │ ├── ValidatorSafeAccessExternalDisabled.java │ │ ├── ValidatorSafeFeatureSecureProcessing.java │ │ ├── ValidatorVulnerableExternalEntityRef.java │ │ └── ValidatorVulnerableExternalSchemaLocation.java │ │ ├── xmlinputfactory │ │ ├── FilteredReaderSafe.java │ │ ├── FilteredReaderVulnerable.java │ │ ├── XMLEventReaderSafe.java │ │ ├── XMLEventReaderVulnerable.java │ │ ├── XMLStreamReaderSafe.java │ │ └── XMLStreamReaderVulnerable.java │ │ └── xpathexpression │ │ ├── XPathExpressionSafe.java │ │ └── XPathExpressionVulnerable.java │ └── resources │ └── testcode │ ├── xml │ └── simple.xml │ ├── xmldecoder │ └── obj1.xml │ ├── xpath │ └── data.xml │ ├── xsl │ ├── input.xml │ ├── xsl_evil.xsl │ └── xsl_safe.xsl │ └── xxe │ ├── dos_xxe.xml │ ├── simple_xxe.xml │ └── simple_xxe.xslt ├── findsecbugs-samples-java11 ├── pom.xml └── src │ └── test │ └── java │ └── testcode │ └── taint │ └── StringConcatenation.java ├── findsecbugs-samples-jsp ├── pom.xml └── src │ └── test │ └── webapp │ ├── WEB-INF │ ├── owasp-java-encoder.tld │ ├── safe-encoder-example.tld │ ├── spring.tld │ └── web.xml │ ├── includes │ ├── ${param.secret_param}.jsp │ ├── include_me.jsp │ ├── jsp_include_1.jsp │ ├── jsp_include_2_safe.jsp │ ├── jsp_include_3.jsp │ └── jsp_include_4_safe.jsp │ ├── jstl │ ├── jstl_escape_1.jsp │ ├── jstl_escape_2.jsp │ ├── jstl_escape_3.jsp │ ├── jstl_escape_4.jsp │ ├── jstl_expression_custom_insecure.jsp │ ├── jstl_expression_custom_secure.jsp │ ├── jstl_expression_insecure.jsp │ └── jstl_expression_secure.jsp │ ├── spring │ ├── spring_eval_1.jsp │ ├── spring_eval_2.jsp │ ├── spring_eval_3.jsp │ └── spring_eval_4_safe.jsp │ ├── xml │ ├── xml1.jsp │ └── xml2.jsp │ ├── xsl │ ├── xsl1.jsp │ ├── xsl2.jsp │ ├── xsl3.jsp │ └── xsl4.jsp │ ├── xss │ ├── xss_1_direct_use.jsp │ ├── xss_2_transfer_local.jsp │ ├── xss_3_false_positive_static_function.jsp │ ├── xss_4_false_positive_overwrite_local.jsp │ ├── xss_5_multiple_transfer_local.jsp │ ├── xss_6_get_parameter.jsp │ ├── xss_7_false_positive_direct_cast.jsp │ ├── xss_8_request_attribute.jsp │ └── xss_9_owasp_taglib.jsp │ └── xss_fp │ └── xss_resource_bundle.jsp ├── findsecbugs-samples-kotlin ├── pom.xml └── src │ └── test │ └── kotlin │ └── com │ └── h3xstream │ └── findsecbugs │ ├── HardcodedPasswordMap.kt │ ├── command │ ├── IdentityFunctionCommandInjection.kt │ └── StringManipulationCommandInjection.kt │ ├── deserialisation │ ├── InvokerTransformer.kt │ ├── MethodInvokeTypeProvider.kt │ ├── ObjectDeserialization.kt │ ├── SerialisationFalsePositive.kt │ ├── TypeProvider.kt │ └── UserEntity.kt │ ├── injection │ ├── KotlinLogging.kt │ └── KotlinSlf4jSample.kt │ ├── jackson │ ├── JacksonFalsePositive.kt │ └── UnsafeJacksonObjectDeserialization.kt │ ├── password │ └── HardcodedPassword.kt │ └── pathtraversal │ └── PathTraversalKotlin.kt ├── findsecbugs-test-util ├── pom.xml └── src │ └── test │ └── java │ └── com │ └── h3xstream │ ├── findbugs │ └── test │ │ ├── BaseDetectorTest.java │ │ ├── DummyProgress.java │ │ ├── EasyBugReporter.java │ │ ├── FbTestGlobalSettings.java │ │ ├── jsp │ │ ├── ClassMetadataLoadingException.java │ │ ├── DebugExtensionExtractor.java │ │ └── SmapParser.java │ │ ├── matcher │ │ ├── BugInstanceMatcher.java │ │ └── BugInstanceMatcherBuilder.java │ │ ├── package-info.java │ │ └── service │ │ ├── ClassFileLocator.java │ │ └── FindBugsLauncher.java │ └── testng │ └── VerboseTestListener.java ├── pom.xml └── website ├── BuildWebPage.bat ├── BuildWebPage.groovy ├── MetadataFileUtil.groovy ├── README.md ├── SpellCheckTest.groovy ├── out_web ├── .gitignore ├── css │ ├── agency.css │ ├── bootstrap.css │ ├── font-awesome.css │ ├── fsb-custom-theme.css │ └── prism.css ├── fonts │ ├── fontawesome-webfont.ttf │ └── fontawesome-webfont.woff ├── images │ ├── favicon.png │ ├── gosecure.png │ ├── lgplv3.png │ └── screens │ │ ├── eclipse.png │ │ ├── intellij.png │ │ └── sonar.png └── js │ ├── bootstrap.min.js │ ├── fsb-custom.js │ ├── jquery.min.js │ └── prism.js ├── spell ├── accronyms.txt └── dictionary.txt └── templates ├── bugs.htm ├── common_footer.htm ├── common_header.htm ├── download.htm ├── home.htm ├── license.htm ├── security.htm ├── social.htm └── tutorials.htm /.github/ISSUE_TEMPLATE/Bug_report.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/.github/ISSUE_TEMPLATE/Bug_report.md -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/Feature_request.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/.github/ISSUE_TEMPLATE/Feature_request.md -------------------------------------------------------------------------------- /.github/ISSUE_TEMPLATE/Support.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/.github/ISSUE_TEMPLATE/Support.md -------------------------------------------------------------------------------- /.github/codeql/codeql-config.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/.github/codeql/codeql-config.yml -------------------------------------------------------------------------------- /.github/workflows/codeql-analysis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/.github/workflows/codeql-analysis.yml -------------------------------------------------------------------------------- /.github/workflows/spotbugs.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/.github/workflows/spotbugs.yml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/.gitignore -------------------------------------------------------------------------------- /.travis.yml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/.travis.yml -------------------------------------------------------------------------------- /CHANGELOG.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/CHANGELOG.md -------------------------------------------------------------------------------- /CONTRIBUTING.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/CONTRIBUTING.md -------------------------------------------------------------------------------- /LGPL-3.0-header.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/LGPL-3.0-header.txt -------------------------------------------------------------------------------- /LGPL-3.0.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/LGPL-3.0.txt -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/SECURITY.md -------------------------------------------------------------------------------- /cli/.gitignore: -------------------------------------------------------------------------------- 1 | lib/ 2 | *.zip -------------------------------------------------------------------------------- /cli/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/cli/README.md -------------------------------------------------------------------------------- /cli/build.gradle: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/cli/build.gradle -------------------------------------------------------------------------------- /cli/findsecbugs.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/cli/findsecbugs.bat -------------------------------------------------------------------------------- /cli/findsecbugs.sh: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/cli/findsecbugs.sh -------------------------------------------------------------------------------- /cli/gradle.properties: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/cli/gradle.properties -------------------------------------------------------------------------------- /cli/include.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/cli/include.xml -------------------------------------------------------------------------------- /findsecbugs-plugin/derived-config.txt: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /findsecbugs-plugin/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/pom.xml -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/BCELUtil.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/BCELUtil.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/ReDosDetector.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/ReDosDetector.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/RegexRedosAnalyzer.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/RegexRedosAnalyzer.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/common/ByteCode.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/common/ByteCode.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/common/JspUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/common/JspUtils.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/common/StackUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/common/StackUtils.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/common/TaintUtil.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/common/TaintUtil.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/jsp/JstlOutDetector.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/jsp/JstlOutDetector.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/taintanalysis/Taint.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/taintanalysis/Taint.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/xml/XxeDetector.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/xml/XxeDetector.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/xpath/package-info.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/xpath/package-info.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/xss/XssJspDetector.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/java/com/h3xstream/findsecbugs/xss/XssJspDetector.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/aws.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/aws.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/beans.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/beans.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/command-scala.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/command-scala.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/command.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/command.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/crlf-logs.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/crlf-logs.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/el.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/el.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/formatter.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/formatter.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/http-parameter-pollution.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/http-parameter-pollution.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/kotlin-path-traversal-in.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/kotlin-path-traversal-in.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/ldap.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/ldap.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/path-traversal-in.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/path-traversal-in.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/path-traversal-out.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/path-traversal-out.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/response-splitting.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/response-splitting.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/scala-path-traversal-in.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/scala-path-traversal-in.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/scala-path-traversal-out.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/scala-path-traversal-out.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/scala-play-ssrf.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/scala-play-ssrf.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/script-engine.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/script-engine.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/seam-el.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/seam-el.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/smtp.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/smtp.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/spel.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/spel.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/spring-file-disclosure.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/spring-file-disclosure.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/sql-android.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/sql-android.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/sql-hibernate.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/sql-hibernate.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/sql-jdbc.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/sql-jdbc.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/sql-jdo.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/sql-jdo.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/sql-jpa.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/sql-jpa.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/sql-scala-anorm.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/sql-scala-anorm.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/sql-scala-slick.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/sql-scala-slick.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/sql-spring.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/sql-spring.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/sql-turbine.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/sql-turbine.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/sql-vertx-sql-client.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/sql-vertx-sql-client.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/struts-file-disclosure.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/struts-file-disclosure.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/struts2.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/struts2.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/urlconnection-ssrf.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/urlconnection-ssrf.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/xpath-apache.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/xpath-apache.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/xpath-javax.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/xpath-javax.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/xslt.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/xslt.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/xss-jsp.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/xss-jsp.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/xss-scala-mvc-api.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/xss-scala-mvc-api.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/xss-scala-twirl.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/xss-scala-twirl.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/injection-sinks/xss-servlet.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/injection-sinks/xss-servlet.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/metadata/META-INF/MANIFEST.MF: -------------------------------------------------------------------------------- 1 | Manifest-Version: 1.0 2 | 3 | -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/metadata/findbugs.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/metadata/findbugs.xml -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/metadata/messages.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/metadata/messages.xml -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/metadata/messages_ja.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/metadata/messages_ja.xml -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/password-methods/password-methods-all.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/password-methods/password-methods-all.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/safe-encoders/apache-commons.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/safe-encoders/apache-commons.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/safe-encoders/other.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/safe-encoders/other.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/safe-encoders/owasp.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/safe-encoders/owasp.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/android-taint-sql.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/android-taint-sql.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/collections.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/collections.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/dropwizard.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/dropwizard.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/guava.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/guava.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/java-ee.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/java-ee.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/java-lang.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/java-lang.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/java-net.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/java-net.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/jetty.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/jetty.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/logging.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/logging.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/other.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/other.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/portlet.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/portlet.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/scala.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/scala.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/sonarqube.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/sonarqube.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/struts2-taint.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/struts2-taint.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/taint-param-annotations.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/taint-param-annotations.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/taint-sensitive-data.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/taint-sensitive-data.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/tainted-system-variables.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/tainted-system-variables.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/main/resources/taint-config/wicket.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/main/resources/taint-config/wicket.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/java/com/h3xstream/findsecbugs/ReDosDetectorTest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/java/com/h3xstream/findsecbugs/ReDosDetectorTest.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/java/com/h3xstream/findsecbugs/common/ByteCodeTest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/java/com/h3xstream/findsecbugs/common/ByteCodeTest.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/java/com/h3xstream/findsecbugs/xml/XxeDetectorTest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/java/com/h3xstream/findsecbugs/xml/XxeDetectorTest.java -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/resources/bytecode_samples/jsp_jstl_out_weblogic12.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/resources/bytecode_samples/jsp_jstl_out_weblogic12.jar -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/resources/bytecode_samples/scala_command_injection.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/resources/bytecode_samples/scala_command_injection.jar -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/resources/bytecode_samples/scala_path_traversal.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/resources/bytecode_samples/scala_path_traversal.jar -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/resources/bytecode_samples/scala_play_openredirect.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/resources/bytecode_samples/scala_play_openredirect.jar -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/resources/bytecode_samples/scala_play_ssrf.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/resources/bytecode_samples/scala_play_ssrf.jar -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/resources/bytecode_samples/scala_random.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/resources/bytecode_samples/scala_random.jar -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/resources/bytecode_samples/scala_sql_injection.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/resources/bytecode_samples/scala_sql_injection.jar -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/resources/bytecode_samples/scala_ssl_disabler.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/resources/bytecode_samples/scala_ssl_disabler.jar -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/resources/bytecode_samples/scala_stringbuilder_taint.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/resources/bytecode_samples/scala_stringbuilder_taint.jar -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/resources/bytecode_samples/scala_xss.jar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/resources/bytecode_samples/scala_xss.jar -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/resources/com/h3xstream/findsecbugs/xss/CustomConfig.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/resources/com/h3xstream/findsecbugs/xss/CustomConfig.txt -------------------------------------------------------------------------------- /findsecbugs-plugin/src/test/resources/logback-test.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/src/test/resources/logback-test.xml -------------------------------------------------------------------------------- /findsecbugs-plugin/test-dependencies.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-plugin/test-dependencies.xml -------------------------------------------------------------------------------- /findsecbugs-samples-deps/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/pom.xml -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/PluginDepsClassPathFinder.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/PluginDepsClassPathFinder.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/app/Activity.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/app/Activity.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/content/BroadcastReceiver.java: -------------------------------------------------------------------------------- 1 | package android.content; 2 | 3 | public abstract class BroadcastReceiver { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/content/ComponentCallbacks.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/content/ComponentCallbacks.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/content/ComponentCallbacks2.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/content/ComponentCallbacks2.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/content/ContentProvider.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/content/ContentProvider.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/content/ContentResolver.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/content/ContentResolver.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/content/ContentValues.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/content/ContentValues.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/content/Context.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/content/Context.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/content/ContextWrapper.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/content/ContextWrapper.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/content/Intent.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/content/Intent.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/content/UriMatcher.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/content/UriMatcher.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/content/res/Configuration.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/content/res/Configuration.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/database/CharArrayBuffer.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/database/CharArrayBuffer.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/database/Cursor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/database/Cursor.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/database/DatabaseErrorHandler.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/database/DatabaseErrorHandler.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/database/DatabaseUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/database/DatabaseUtils.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/database/SQLException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/database/SQLException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteClosable.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteClosable.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteDatabase.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteDatabase.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteOpenHelper.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteOpenHelper.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteProgram.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteProgram.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteQuery.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteQuery.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteStatement.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/database/sqlite/SQLiteStatement.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/net/Uri.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/net/Uri.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/os/Bundle.java: -------------------------------------------------------------------------------- 1 | package android.os; 2 | 3 | public final class Bundle { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/os/CancellationSignal.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/os/CancellationSignal.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/os/Environment.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/os/Environment.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/os/Handler.java: -------------------------------------------------------------------------------- 1 | package android.os; 2 | 3 | public class Handler { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/os/IBinder.java: -------------------------------------------------------------------------------- 1 | package android.os; 2 | 3 | public interface IBinder { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/os/Parcel.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/os/Parcel.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/os/ParcelFileDescriptor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/os/ParcelFileDescriptor.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/os/Parcelable.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/os/Parcelable.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/os/UserHandle.java: -------------------------------------------------------------------------------- 1 | package android.os; 2 | 3 | public final class UserHandle { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/util/Log.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/util/Log.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/util/Pair.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/util/Pair.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/view/ContextThemeWrapper.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/view/ContextThemeWrapper.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/view/View.java: -------------------------------------------------------------------------------- 1 | package android.view; 2 | 3 | public class View { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/webkit/GeolocationPermissions.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/webkit/GeolocationPermissions.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/webkit/ValueCallback.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/webkit/ValueCallback.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/webkit/WebChromeClient.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/webkit/WebChromeClient.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/webkit/WebSettings.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/webkit/WebSettings.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/webkit/WebView.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/android/webkit/WebView.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/android/webkit/WebViewClient.java: -------------------------------------------------------------------------------- 1 | package android.webkit; 2 | 3 | public class WebViewClient { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/amazonaws/auth/BasicAWSCredentials.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/amazonaws/auth/BasicAWSCredentials.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/google/common/base/Optional.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/google/common/base/Optional.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/google/common/escape/Escaper.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/google/common/escape/Escaper.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/google/common/net/PercentEscaper.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/google/common/net/PercentEscaper.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/google/common/net/UrlEscapers.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/google/common/net/UrlEscapers.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/hazelcast/config/Config.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/hazelcast/config/Config.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/hazelcast/config/MapConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/hazelcast/config/MapConfig.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/hazelcast/config/NetworkConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/hazelcast/config/NetworkConfig.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/hazelcast/core/Hazelcast.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/hazelcast/core/Hazelcast.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/hazelcast/core/IMap.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/hazelcast/core/IMap.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/jcraft/jsch/JSch.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/jcraft/jsch/JSch.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/jcraft/jsch/JSchException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/jcraft/jsch/JSchException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/mitchellbosecke/pebble/PebbleEngine.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/mitchellbosecke/pebble/PebbleEngine.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/opensymphony/xwork2/ognl/OgnlUtil.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/opensymphony/xwork2/util/TextParser.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/opensymphony/xwork2/util/TextParser.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/opensymphony/xwork2/util/ValueStack.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/opensymphony/xwork2/util/ValueStack.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/sun/jndi/ldap/LdapCtx.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/sun/jndi/ldap/LdapCtx.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/typesafe/config/Config.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/typesafe/config/Config.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/DereferencePolicy.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/DereferencePolicy.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/Entry.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/Entry.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/LDAPConnection.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/LDAPConnection.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/LDAPException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/LDAPException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/LDAPInterface.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/LDAPInterface.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/ReadOnlyEntry.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/ReadOnlyEntry.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/ResultCode.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/ResultCode.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/SearchResult.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/SearchResult.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/SearchResultEntry.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/SearchResultEntry.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/SearchScope.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/com/unboundid/ldap/sdk/SearchScope.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/flexjson/JSONSerializer.java: -------------------------------------------------------------------------------- 1 | package flexjson; 2 | 3 | public class JSONSerializer { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/freemarker/template/Configuration.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/freemarker/template/Configuration.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/freemarker/template/ObjectWrapper.java: -------------------------------------------------------------------------------- 1 | package freemarker.template; 2 | 3 | public interface ObjectWrapper { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/freemarker/template/Template.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/freemarker/template/Template.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/freemarker/template/TemplateException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/freemarker/template/TemplateException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/freemarker/template/TemplateNodeModel.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/freemarker/template/TemplateNodeModel.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/groovy/lang/Closure.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/groovy/lang/Closure.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/groovy/lang/GroovyClassLoader.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/groovy/lang/GroovyClassLoader.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/groovy/lang/GroovyCodeSource.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/groovy/lang/GroovyCodeSource.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/groovy/lang/GroovyShell.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/groovy/lang/GroovyShell.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/groovy/lang/Script.java: -------------------------------------------------------------------------------- 1 | package groovy.lang; 2 | 3 | public abstract class Script { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/dropwizard/servlets/Servlets.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/io/dropwizard/servlets/Servlets.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/core/AsyncResult.java: -------------------------------------------------------------------------------- 1 | package io.vertx.core; 2 | 3 | public interface AsyncResult { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/core/Future.java: -------------------------------------------------------------------------------- 1 | package io.vertx.core; 2 | 3 | public interface Future { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/core/Handler.java: -------------------------------------------------------------------------------- 1 | package io.vertx.core; 2 | 3 | public interface Handler { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/core/Vertx.java: -------------------------------------------------------------------------------- 1 | package io.vertx.core; 2 | 3 | public interface Vertx { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/ext/auth/oauth2/OAuth2Options.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/io/vertx/ext/auth/oauth2/OAuth2Options.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/ext/web/RoutingContext.java: -------------------------------------------------------------------------------- 1 | package io.vertx.ext.web; 2 | 3 | public interface RoutingContext { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/ext/web/handler/CSRFHandler.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/io/vertx/ext/web/handler/CSRFHandler.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/sqlclient/PreparedQuery.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/io/vertx/sqlclient/PreparedQuery.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/sqlclient/PreparedStatement.java: -------------------------------------------------------------------------------- 1 | package io.vertx.sqlclient; 2 | 3 | public interface PreparedStatement { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/sqlclient/Query.java: -------------------------------------------------------------------------------- 1 | package io.vertx.sqlclient; 2 | 3 | public interface Query { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/sqlclient/Row.java: -------------------------------------------------------------------------------- 1 | package io.vertx.sqlclient; 2 | 3 | public interface Row { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/sqlclient/RowSet.java: -------------------------------------------------------------------------------- 1 | package io.vertx.sqlclient; 2 | 3 | public interface RowSet { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/sqlclient/SqlClient.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/io/vertx/sqlclient/SqlClient.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/io/vertx/sqlclient/SqlConnection.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/io/vertx/sqlclient/SqlConnection.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/el/ELContext.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/el/ELContext.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/el/ELException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/el/ELException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/el/ELResolver.java: -------------------------------------------------------------------------------- 1 | package javax.el; 2 | 3 | public abstract class ELResolver { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/el/ExpressionFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/el/ExpressionFactory.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/el/FunctionMapper.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/el/FunctionMapper.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/el/MethodExpression.java: -------------------------------------------------------------------------------- 1 | package javax.el; 2 | 3 | public abstract class MethodExpression { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/el/ValueExpression.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/el/ValueExpression.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/faces/application/Application.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/faces/application/Application.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/faces/context/FacesContext.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/faces/context/FacesContext.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/jdo/Extent.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/jdo/Extent.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/jdo/JDOHelper.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/jdo/JDOHelper.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/jdo/PersistenceManager.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/jdo/PersistenceManager.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/jdo/PersistenceManagerFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/jdo/PersistenceManagerFactory.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/jdo/Query.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/jdo/Query.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/mail/Address.java: -------------------------------------------------------------------------------- 1 | package javax.mail; 2 | 3 | public abstract class Address { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/mail/Authenticator.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/mail/Authenticator.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/mail/Message.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/mail/Message.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/mail/MessagingException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/mail/MessagingException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/mail/Part.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/mail/Part.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/mail/PasswordAuthentication.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/mail/PasswordAuthentication.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/mail/Service.java: -------------------------------------------------------------------------------- 1 | package javax.mail; 2 | 3 | public abstract class Service { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/mail/Session.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/mail/Session.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/mail/Transport.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/mail/Transport.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/mail/internet/AddressException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/mail/internet/AddressException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/mail/internet/InternetAddress.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/mail/internet/InternetAddress.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/mail/internet/MimeMessage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/mail/internet/MimeMessage.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/persistence/Entity.java: -------------------------------------------------------------------------------- 1 | package javax.persistence; 2 | 3 | public @interface Entity { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/persistence/EntityManager.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/persistence/EntityManager.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/persistence/Id.java: -------------------------------------------------------------------------------- 1 | package javax.persistence; 2 | 3 | public @interface Id { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/persistence/Query.java: -------------------------------------------------------------------------------- 1 | package javax.persistence; 2 | 3 | public interface Query { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/persistence/TypedQuery.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/persistence/TypedQuery.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/persistence/criteria/CriteriaQuery.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/persistence/criteria/CriteriaQuery.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/ActionRequest.java: -------------------------------------------------------------------------------- 1 | package javax.portlet; 2 | 3 | public interface ActionRequest { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/BaseURL.java: -------------------------------------------------------------------------------- 1 | package javax.portlet; 2 | 3 | public interface BaseURL { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/ClientDataRequest.java: -------------------------------------------------------------------------------- 1 | package javax.portlet; 2 | 3 | public interface ClientDataRequest { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/GenericPortlet.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/portlet/GenericPortlet.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/MimeResponse.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/portlet/MimeResponse.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/PortletConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/portlet/PortletConfig.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/PortletException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/portlet/PortletException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/PortletRequest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/portlet/PortletRequest.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/PortletResponse.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/portlet/PortletResponse.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/RenderRequest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/portlet/RenderRequest.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/RenderResponse.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/portlet/RenderResponse.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/ResourceRequest.java: -------------------------------------------------------------------------------- 1 | package javax.portlet; 2 | 3 | public interface ResourceRequest { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/portlet/ResourceResponse.java: -------------------------------------------------------------------------------- 1 | package javax.portlet; 2 | 3 | public interface ResourceResponse { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/DispatcherType.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/DispatcherType.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/Filter.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/Filter.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/FilterChain.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/FilterChain.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/RequestDispatcher.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/RequestDispatcher.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/Servlet.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/Servlet.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/ServletConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/ServletConfig.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/ServletContext.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/ServletContext.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/ServletException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/ServletException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/ServletOutputStream.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/ServletOutputStream.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/ServletRequest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/ServletRequest.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/ServletRequestWrapper.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/ServletRequestWrapper.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/ServletResponse.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/ServletResponse.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/http/Cookie.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/http/Cookie.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/http/HttpServlet.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/http/HttpServlet.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/http/HttpServletRequest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/http/HttpServletRequest.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/http/HttpServletResponse.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/http/HttpServletResponse.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/http/HttpSession.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/http/HttpSession.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/HttpJspPage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/HttpJspPage.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/JspApplicationContext.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/JspApplicationContext.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/JspContext.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/JspContext.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/JspException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/JspException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/JspFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/JspFactory.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/JspPage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/JspPage.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/JspWriter.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/JspWriter.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/PageContext.java: -------------------------------------------------------------------------------- 1 | package javax.servlet.jsp; 2 | 3 | public abstract class PageContext { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/SkipPageException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/SkipPageException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/el/FunctionMapper.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/el/FunctionMapper.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/BodyContent.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/BodyContent.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/BodyTag.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/BodyTag.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/BodyTagSupport.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/BodyTagSupport.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/IterationTag.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/IterationTag.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/JspTag.java: -------------------------------------------------------------------------------- 1 | package javax.servlet.jsp.tagext; 2 | 3 | public interface JspTag { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/SimpleTag.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/SimpleTag.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/Tag.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/Tag.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/TagSupport.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/TagSupport.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/TryCatchFinally.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/servlet/jsp/tagext/TryCatchFinally.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/validation/constraints/Pattern.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/validation/constraints/Pattern.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/ws/rs/GET.java: -------------------------------------------------------------------------------- 1 | package javax.ws.rs; 2 | 3 | public @interface GET { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/ws/rs/Path.java: -------------------------------------------------------------------------------- 1 | package javax.ws.rs; 2 | 3 | public @interface Path { 4 | 5 | String value(); 6 | } 7 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/ws/rs/PathParam.java: -------------------------------------------------------------------------------- 1 | package javax.ws.rs; 2 | 3 | public @interface PathParam { 4 | 5 | String value(); 6 | } 7 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/ws/rs/core/CacheControl.java: -------------------------------------------------------------------------------- 1 | package javax.ws.rs.core; 2 | 3 | public class CacheControl { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/ws/rs/core/EntityTag.java: -------------------------------------------------------------------------------- 1 | package javax.ws.rs.core; 2 | 3 | public class EntityTag { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/ws/rs/core/GenericEntity.java: -------------------------------------------------------------------------------- 1 | package javax.ws.rs.core; 2 | 3 | public class GenericEntity { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/ws/rs/core/MediaType.java: -------------------------------------------------------------------------------- 1 | package javax.ws.rs.core; 2 | 3 | public class MediaType { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/ws/rs/core/MultivaluedMap.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/ws/rs/core/MultivaluedMap.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/ws/rs/core/NewCookie.java: -------------------------------------------------------------------------------- 1 | package javax.ws.rs.core; 2 | 3 | public class NewCookie { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/ws/rs/core/Response.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/javax/ws/rs/core/Response.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/javax/ws/rs/core/Variant.java: -------------------------------------------------------------------------------- 1 | package javax.ws.rs.core; 2 | 3 | public class Variant { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/kotlin/Metadata.java: -------------------------------------------------------------------------------- 1 | package kotlin; 2 | 3 | public class Metadata { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/kotlin/jvm/internal/Intrinsics.java: -------------------------------------------------------------------------------- 1 | package kotlin.jvm.internal; 2 | 3 | public class Intrinsics { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/ognl/ClassResolver.java: -------------------------------------------------------------------------------- 1 | package ognl; 2 | 3 | public interface ClassResolver { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/ognl/OgnlException.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/ognl/OgnlException.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/ognl/TypeConverter.java: -------------------------------------------------------------------------------- 1 | package ognl; 2 | 3 | public interface TypeConverter { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/acegisecurity/Authentication.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/acegisecurity/Authentication.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/commons/beanutils/BeanUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/commons/beanutils/BeanUtils.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/commons/codec/binary/Hex.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/commons/codec/binary/Hex.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/commons/fileupload/FileItem.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/commons/fileupload/FileItem.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/commons/lang/math/JVMRandom.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/commons/lang/math/JVMRandom.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/commons/lang/math/RandomUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/commons/lang/math/RandomUtils.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/commons/mail/Email.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/commons/mail/Email.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/commons/mail/HtmlEmail.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/commons/mail/HtmlEmail.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/commons/mail/ImageHtmlEmail.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/commons/mail/ImageHtmlEmail.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/commons/mail/MultiPartEmail.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/commons/mail/MultiPartEmail.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/commons/mail/SimpleEmail.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/commons/mail/SimpleEmail.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/http/HttpEntity.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/http/HttpEntity.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/http/HttpResponse.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/http/HttpResponse.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/http/client/HttpClient.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/http/client/HttpClient.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/http/client/methods/HttpGet.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/http/client/methods/HttpGet.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/http/client/utils/URIBuilder.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/http/client/utils/URIBuilder.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/http/impl/client/HttpClients.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/http/impl/client/HttpClients.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/jasper/runtime/HttpJspBase.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/jasper/runtime/HttpJspBase.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/struts/action/Action.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/struts/action/Action.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/struts/action/ActionErrors.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/struts/action/ActionErrors.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/struts/action/ActionForm.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/struts/action/ActionForm.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/struts/action/ActionForward.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/struts/action/ActionForward.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/struts/action/ActionMapping.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/struts/action/ActionMapping.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/struts/action/ActionMessage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/struts/action/ActionMessage.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/struts2/util/StrutsUtil.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/struts2/util/StrutsUtil.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/tomcat/InstanceManager.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/tomcat/InstanceManager.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/torque/util/BasePeer.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/torque/util/BasePeer.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/turbine/om/peer/BasePeer.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/turbine/om/peer/BasePeer.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/turbine/util/db/Criteria.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/turbine/util/db/Criteria.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/velocity/VelocityContext.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/velocity/VelocityContext.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/velocity/app/Velocity.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/velocity/app/Velocity.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/velocity/app/VelocityEngine.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/velocity/app/VelocityEngine.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/velocity/context/Context.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/velocity/context/Context.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/wicket/Component.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/wicket/Component.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/wicket/MarkupContainer.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/wicket/MarkupContainer.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/wicket/Page.java: -------------------------------------------------------------------------------- 1 | package org.apache.wicket; 2 | 3 | public class Page extends MarkupContainer { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/wicket/markup/html/WebPage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/wicket/markup/html/WebPage.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/wicket/request/Request.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/wicket/request/Request.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/wicket/util/upload/FileItem.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/wicket/util/upload/FileItem.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/xml/security/utils/XPathAPI.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/xml/security/utils/XPathAPI.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/xpath/XPath.java: -------------------------------------------------------------------------------- 1 | package org.apache.xpath; 2 | 3 | public class XPath { 4 | 5 | } 6 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/apache/xpath/XPathAPI.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/apache/xpath/XPathAPI.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/bouncycastle/asn1/ASN1InputStream.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/bouncycastle/asn1/ASN1InputStream.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/bouncycastle/asn1/DERObject.java: -------------------------------------------------------------------------------- 1 | package org.bouncycastle.asn1; 2 | 3 | public class DERObject { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/eclipse/jetty/http/HttpCookie.java: -------------------------------------------------------------------------------- 1 | package org.eclipse.jetty.http; 2 | 3 | public class HttpCookie { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/eclipse/jetty/http/HttpField.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/eclipse/jetty/http/HttpField.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/eclipse/jetty/http/HttpFields.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/eclipse/jetty/http/HttpFields.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/eclipse/jetty/http/HttpHeader.java: -------------------------------------------------------------------------------- 1 | package org.eclipse.jetty.http; 2 | 3 | public enum HttpHeader { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/eclipse/jetty/http/HttpURI.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/eclipse/jetty/http/HttpURI.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/hibernate/Criteria.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/hibernate/Criteria.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/hibernate/Query.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/hibernate/Query.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/hibernate/SQLQuery.java: -------------------------------------------------------------------------------- 1 | package org.hibernate; 2 | 3 | public interface SQLQuery { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/hibernate/Session.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/hibernate/Session.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/hibernate/SessionFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/hibernate/SessionFactory.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/hibernate/criterion/Criterion.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/hibernate/criterion/Criterion.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/hibernate/criterion/Restrictions.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/hibernate/criterion/Restrictions.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/hibernate/type/StandardBasicTypes.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/hibernate/type/StandardBasicTypes.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/hibernate/type/StringType.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/hibernate/type/StringType.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/hibernate/type/Type.java: -------------------------------------------------------------------------------- 1 | package org.hibernate.type; 2 | 3 | public interface Type { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/jboss/seam/log/Log.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/jboss/seam/log/Log.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/jetbrains/annotations/NotNull.java: -------------------------------------------------------------------------------- 1 | package org.jetbrains.annotations; 2 | 3 | public class NotNull { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/opensaml/xml/parse/BasicParserPool.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/opensaml/xml/parse/BasicParserPool.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/opensaml/xml/parse/ParserPool.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/opensaml/xml/parse/ParserPool.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/encoder/Encode.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/owasp/encoder/Encode.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/encoder/tag/EncodingTag.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/owasp/encoder/tag/EncodingTag.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/encoder/tag/ForHtmlTag.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/owasp/encoder/tag/ForHtmlTag.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/esapi/ESAPI.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/owasp/esapi/ESAPI.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/esapi/Encoder.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/owasp/esapi/Encoder.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/esapi/Encryptor.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/owasp/esapi/Encryptor.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/esapi/Validator.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/owasp/esapi/Validator.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/esapi/codecs/Codec.java: -------------------------------------------------------------------------------- 1 | package org.owasp.esapi.codecs; 2 | 3 | public abstract class Codec { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/esapi/codecs/WindowsCodec.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/owasp/esapi/codecs/WindowsCodec.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/esapi/crypto/CipherText.java: -------------------------------------------------------------------------------- 1 | package org.owasp.esapi.crypto; 2 | 3 | public class CipherText { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/esapi/crypto/PlainText.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/owasp/esapi/crypto/PlainText.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/html/HtmlChangeListener.java: -------------------------------------------------------------------------------- 1 | package org.owasp.html; 2 | 3 | public interface HtmlChangeListener { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/owasp/html/PolicyFactory.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/owasp/html/PolicyFactory.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/slf4j/Logger.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/slf4j/Logger.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/sonarqube/ws/client/BaseRequest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/sonarqube/ws/client/BaseRequest.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/sonarqube/ws/client/Headers.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/sonarqube/ws/client/Headers.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/sonarqube/ws/client/Parameters.java: -------------------------------------------------------------------------------- 1 | package org.sonarqube.ws.client; 2 | 3 | public interface Parameters { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/sonarqube/ws/client/WsRequest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/sonarqube/ws/client/WsRequest.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/springframework/beans/BeanUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/springframework/beans/BeanUtils.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/springframework/jdbc/core/SqlParameter.java: -------------------------------------------------------------------------------- 1 | package org.springframework.jdbc.core; 2 | 3 | public class SqlParameter { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/springframework/stereotype/Controller.java: -------------------------------------------------------------------------------- 1 | package org.springframework.stereotype; 2 | 3 | public @interface Controller { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/springframework/util/StringUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/springframework/util/StringUtils.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/springframework/validation/Errors.java: -------------------------------------------------------------------------------- 1 | package org.springframework.validation; 2 | 3 | public interface Errors { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/springframework/web/servlet/View.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/springframework/web/servlet/View.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/springframework/web/servlet/tags/Param.java: -------------------------------------------------------------------------------- 1 | package org.springframework.web.servlet.tags; 2 | 3 | public class Param { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/org/springframework/web/util/HtmlUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/org/springframework/web/util/HtmlUtils.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/scala/Long.java: -------------------------------------------------------------------------------- 1 | package scala; 2 | 3 | public class Long { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/scala/Option.java: -------------------------------------------------------------------------------- 1 | package scala; 2 | 3 | public abstract class Option { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/scala/StringContext.java: -------------------------------------------------------------------------------- 1 | package scala; 2 | 3 | public class StringContext { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/scala/Tuple2.java: -------------------------------------------------------------------------------- 1 | package scala; 2 | 3 | public class Tuple2 { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/scala/collection/mutable/StringBuilder.java: -------------------------------------------------------------------------------- 1 | package scala.collection.mutable; 2 | 3 | public class StringBuilder { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/scala/util/Random.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/scala/util/Random.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/java/sun/security/provider/DSAPublicKeyImpl.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/java/sun/security/provider/DSAPublicKeyImpl.java -------------------------------------------------------------------------------- /findsecbugs-samples-deps/src/main/resources/META-INF/spring.tld: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-deps/src/main/resources/META-INF/spring.tld -------------------------------------------------------------------------------- /findsecbugs-samples-java/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/pom.xml -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/ApacheXmlRpc.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/ApacheXmlRpc.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/AwsQueryInjection.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/AwsQueryInjection.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/BeanInjection.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/BeanInjection.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/DbCatalog.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/DbCatalog.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/FormatStringManipulation.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/FormatStringManipulation.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/HttpParameterPollution.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/HttpParameterPollution.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/InsecureRandom.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/InsecureRandom.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/Logging.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/Logging.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/Pattern.java: -------------------------------------------------------------------------------- 1 | package testcode; 2 | 3 | public @interface Pattern { 4 | } 5 | -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/RedosInPatternAnnotation.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/RedosInPatternAnnotation.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/ResponseSplittingServlet.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/ResponseSplittingServlet.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/UnvalidatedRedirectServlet.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/UnvalidatedRedirectServlet.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/UrlConnectionSSRF.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/UrlConnectionSSRF.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/VariousRedos.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/VariousRedos.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/WeakFilenameUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/WeakFilenameUtils.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/android/GeolocationActivity.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/android/GeolocationActivity.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/android/R.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/android/R.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/android/WorldWritableActivity.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/android/WorldWritableActivity.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/bugs/BenchmarkTest00051.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/bugs/BenchmarkTest00051.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/bugs/EnumUseInSql491.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/bugs/EnumUseInSql491.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/bugs/OutOfBoundMutableSample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/bugs/OutOfBoundMutableSample.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/bugs/SeparateClassRequest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/bugs/SeparateClassRequest.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/bugs/SomeEnum.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/bugs/SomeEnum.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/bugs/WebGoatCreateDb529.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/bugs/WebGoatCreateDb529.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/command/CommandInjection.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/command/CommandInjection.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/command/CommandInjectionSafe.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/command/CommandInjectionSafe.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/command/InterfaceWithSink.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/command/InterfaceWithSink.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/command/MoreMethods.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/command/MoreMethods.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/command/SubClass.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/command/SubClass.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/cookie/CookieUsage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/cookie/CookieUsage.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/cookie/HttpOnlyCookieSamples.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/cookie/HttpOnlyCookieSamples.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/cookie/InsecureCookieSamples.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/cookie/InsecureCookieSamples.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/cookie/PersistentCookie.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/cookie/PersistentCookie.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/cookie/UrlRewriting.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/cookie/UrlRewriting.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/cors/PermissiveCORS.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/cors/PermissiveCORS.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/BadHexa.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/BadHexa.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/BlockCipherList.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/BlockCipherList.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/CipherNoIntegrity.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/CipherNoIntegrity.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/CustomMessageDigest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/CustomMessageDigest.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/DesKeyGeneration.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/DesKeyGeneration.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/ErrorMessages.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/ErrorMessages.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/EsapiCrypto.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/EsapiCrypto.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/HazelcastSymmetric.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/HazelcastSymmetric.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/InsecureSmtpSsl.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/InsecureSmtpSsl.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/InsufficientKeySizeRsa.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/InsufficientKeySizeRsa.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/NullCipherUse.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/NullCipherUse.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/RsaNoPadding.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/RsaNoPadding.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/UnencryptedSocket.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/UnencryptedSocket.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/WeakMessageDigest.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/WeakMessageDigest.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/WeakTLSProtocol.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/WeakTLSProtocol.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/iv/ConstantIv.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/iv/ConstantIv.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/iv/SafeIvGeneration.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/iv/SafeIvGeneration.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/iv/StaticIvDecrypt.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/iv/StaticIvDecrypt.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/iv/StaticIvUnwrap.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/iv/StaticIvUnwrap.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/iv/StaticIvWrap.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/iv/StaticIvWrap.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/iv/StaticVariableIv.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/iv/StaticVariableIv.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/crypto/ssldisabler/AllHosts.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/crypto/ssldisabler/AllHosts.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/endpoint/BasicHttpServlet.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/endpoint/BasicHttpServlet.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/endpoint/BasicServlet.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/endpoint/BasicServlet.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/endpoint/JaxRsService.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/endpoint/JaxRsService.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/endpoint/JaxWsService.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/endpoint/JaxWsService.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/endpoint/SpringTestController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/endpoint/SpringTestController.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/file/FileDisclosure.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/file/FileDisclosure.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/file/FileUploadCommon.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/file/FileUploadCommon.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/file/FileUploadWicket.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/file/FileUploadWicket.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/gadget/MaliciousPayload.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/gadget/MaliciousPayload.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/gadget/SuperMap.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/gadget/SuperMap.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/gadget/cachedata/CacheData.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/gadget/cachedata/CacheData.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/googlemaps/Base64.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/googlemaps/Base64.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/googlemaps/GoogleMapsSigUtil.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/googlemaps/GoogleMapsSigUtil.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/googlemaps/UrlSigner.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/googlemaps/UrlSigner.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/graph/Application.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/graph/Application.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/graph/MainStart.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/graph/MainStart.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/graph/WelcomeController.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/graph/WelcomeController.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/graph/XmlService.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/graph/XmlService.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/groovy/GroovyShellUsage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/groovy/GroovyShellUsage.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/juliet/IO.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/juliet/IO.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/ldap/AnonymousLdap.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/ldap/AnonymousLdap.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/ldap/JndiLdap.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/ldap/JndiLdap.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/ldap/JndiLdapSpecial.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/ldap/JndiLdapSpecial.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/ldap/LdapEntryPoisoning.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/ldap/LdapEntryPoisoning.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/ldap/SpringLdap.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/ldap/SpringLdap.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/ldap/UnboundIdLdap.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/ldap/UnboundIdLdap.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/logging/SensitiveLogging.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/logging/SensitiveLogging.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/logging/Slf4jSample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/logging/Slf4jSample.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/modify_validate/ModifyAfter.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/modify_validate/ModifyAfter.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/modify_validate/ModifyBefore.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/modify_validate/ModifyBefore.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/normalize/NormalizeAfter.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/normalize/NormalizeAfter.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/normalize/NormalizeBefore.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/normalize/NormalizeBefore.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/oauth/SpringServerConfig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/oauth/SpringServerConfig.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/oauth/VertxOauth2Config.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/oauth/VertxOauth2Config.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/pages/Index.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/pages/Index.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/pages/TapestryPage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/pages/TapestryPage.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/password/ConstantPasswords.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/password/ConstantPasswords.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/password/EqualsPasswordField.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/password/EqualsPasswordField.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/password/JdbcDriverConnection.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/password/JdbcDriverConnection.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/password/JndiProperties.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/password/JndiProperties.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/password/JschSshPassword.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/password/JschSshPassword.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/password/UnsafeCompareHash.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/password/UnsafeCompareHash.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/password/VariousMap.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/password/VariousMap.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/password/customapi/Vault.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/password/customapi/Vault.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/pathtraversal/PathTraversal.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/pathtraversal/PathTraversal.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/potential/PotentialAlgorithm.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/potential/PotentialAlgorithm.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/saml/BufferHandler.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/saml/BufferHandler.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/saml/SafeComments.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/saml/SafeComments.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/saml/UnsafeComments.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/saml/UnsafeComments.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/script/ElExpressionSample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/script/ElExpressionSample.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/script/ScriptEngineSample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/script/ScriptEngineSample.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/script/SeamLogging.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/script/SeamLogging.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/script/SpelSample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/script/SpelSample.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/script/ognl/OgnlUtilSample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/script/ognl/OgnlUtilSample.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/script/ognl/StrutsTaintedApi.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/script/ognl/StrutsTaintedApi.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/script/ognl/TextParserSample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/script/ognl/TextParserSample.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/script/ognl/ValueStackSample.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/script/ognl/ValueStackSample.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/serial/ObjectDeserialization.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/serial/ObjectDeserialization.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/serial/ObjectInputSig.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/serial/ObjectInputSig.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/serial/spring/TypeProvider.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/serial/spring/TypeProvider.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/smtp/SmtpClient.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/smtp/SmtpClient.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/spelviewinjection/SpelView.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/spelviewinjection/SpelView.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/spring/SampleEntity.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/spring/SampleEntity.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/spring/SampleEntityTwo.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/spring/SampleEntityTwo.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/CustomInjection.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/CustomInjection.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/HibernateSql.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/HibernateSql.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/Jdbc.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/Jdbc.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/JdoSql.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/JdoSql.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/JdoSqlFilter.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/JdoSqlFilter.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/JpaSql.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/JpaSql.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/SpringBatchUpdateUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/SpringBatchUpdateUtils.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/SpringJdbcOperations.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/SpringJdbcOperations.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/SpringJdbcTemplate.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/SpringJdbcTemplate.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/UserEntity.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/UserEntity.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/VertxSqlClient.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/VertxSqlClient.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/android/AndroidSql.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/android/AndroidSql.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/android/LocalProvider.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/android/LocalProvider.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/turbine/SomePeer.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/turbine/SomePeer.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/turbine/TorqueSql.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/turbine/TorqueSql.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/sqli/turbine/TurbineSql.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/sqli/turbine/TurbineSql.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/struts1/FormWithValidation.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/struts1/FormWithValidation.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/struts1/StrutsV1Action.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/struts1/StrutsV1Action.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/struts1/TestForm.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/struts1/TestForm.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/struts2/StrutsV2Endpoint.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/struts2/StrutsV2Endpoint.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/taint/CommentDto.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/taint/CommentDto.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/template/FreemarkerUsage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/template/FreemarkerUsage.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/template/PebbleUsage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/template/PebbleUsage.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/template/VelocityUsage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/template/VelocityUsage.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/trust/TrustBoundaryViolation.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/trust/TrustBoundaryViolation.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/trustmanager/WeakTrustManager.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/trustmanager/WeakTrustManager.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/unicode/UnmappedCharacters.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/unicode/UnmappedCharacters.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/unicode/Utils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/unicode/Utils.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/util/HexUtil.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/util/HexUtil.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/wicket/WicketWebPage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/wicket/WicketWebPage.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/wicket/XssWicketExamplePage.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/wicket/XssWicketExamplePage.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xml/XmlInjection.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xml/XmlInjection.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xmldecoder/XmlDecodeUtil.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xmldecoder/XmlDecodeUtil.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xpath/XPathApacheXPathApi.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xpath/XPathApacheXPathApi.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xpath/XPathApacheXmlSec.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xpath/XPathApacheXmlSec.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xpath/XPathBadApi.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xpath/XPathBadApi.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xpath/XPathJavax.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xpath/XPathJavax.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xpath/XPathJavaxCustomSafe.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xpath/XPathJavaxCustomSafe.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xpath/XPathJavaxCustomSinks.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xpath/XPathJavaxCustomSinks.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xpath/XPathJavaxSafe.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xpath/XPathJavaxSafe.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xpath/XPathSuperSecureUtil.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xpath/XPathSuperSecureUtil.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xpath/XmlUtils.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xpath/XmlUtils.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xsl/StdXmlTransform.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xsl/StdXmlTransform.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/ByPassExamplePoc.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/ByPassExamplePoc.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/XSSRequestWrapper.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/XSSRequestWrapper.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/XSSRequestWrapper2.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/XSSRequestWrapper2.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/benchmark/Benchmark00013.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/benchmark/Benchmark00013.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/encoder/ApacheCommonsText.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/encoder/ApacheCommonsText.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/portlets/XssIbmPortlet.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/portlets/XssIbmPortlet.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/portlets/XssPortlet.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/portlets/XssPortlet.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet1.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet1.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet2.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet2.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet3.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet3.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet4.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet4.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet5.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet5.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet6.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet6.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet7.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet7.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xxe/DocumentBuilderVulnerable.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xxe/DocumentBuilderVulnerable.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xxe/SaxParserSafeProperty.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xxe/SaxParserSafeProperty.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xxe/SaxParserVulnerable.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xxe/SaxParserVulnerable.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xxe/XmlReaderSafeProperty.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xxe/XmlReaderSafeProperty.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xxe/XmlReaderVulnerable.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xxe/XmlReaderVulnerable.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/java/testcode/xxe/util/PrintHandler.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/java/testcode/xxe/util/PrintHandler.java -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/resources/testcode/xml/simple.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/resources/testcode/xml/simple.xml -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/resources/testcode/xmldecoder/obj1.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/resources/testcode/xmldecoder/obj1.xml -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/resources/testcode/xpath/data.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/resources/testcode/xpath/data.xml -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/resources/testcode/xsl/input.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/resources/testcode/xsl/input.xml -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/resources/testcode/xsl/xsl_evil.xsl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/resources/testcode/xsl/xsl_evil.xsl -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/resources/testcode/xsl/xsl_safe.xsl: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/resources/testcode/xsl/xsl_safe.xsl -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/resources/testcode/xxe/dos_xxe.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/resources/testcode/xxe/dos_xxe.xml -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/resources/testcode/xxe/simple_xxe.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/resources/testcode/xxe/simple_xxe.xml -------------------------------------------------------------------------------- /findsecbugs-samples-java/src/test/resources/testcode/xxe/simple_xxe.xslt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java/src/test/resources/testcode/xxe/simple_xxe.xslt -------------------------------------------------------------------------------- /findsecbugs-samples-java11/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java11/pom.xml -------------------------------------------------------------------------------- /findsecbugs-samples-java11/src/test/java/testcode/taint/StringConcatenation.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-java11/src/test/java/testcode/taint/StringConcatenation.java -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/pom.xml -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/WEB-INF/owasp-java-encoder.tld: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/WEB-INF/owasp-java-encoder.tld -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/WEB-INF/safe-encoder-example.tld: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/WEB-INF/safe-encoder-example.tld -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/WEB-INF/spring.tld: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/WEB-INF/spring.tld -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/WEB-INF/web.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/WEB-INF/web.xml -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/includes/${param.secret_param}.jsp: -------------------------------------------------------------------------------- 1 | Dummy -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/includes/include_me.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/includes/include_me.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/includes/jsp_include_1.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/includes/jsp_include_1.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/includes/jsp_include_2_safe.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/includes/jsp_include_2_safe.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/includes/jsp_include_3.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/includes/jsp_include_3.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/includes/jsp_include_4_safe.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/includes/jsp_include_4_safe.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_escape_1.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_escape_1.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_escape_2.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_escape_2.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_escape_3.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_escape_3.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_escape_4.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_escape_4.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_expression_custom_insecure.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_expression_custom_insecure.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_expression_custom_secure.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_expression_custom_secure.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_expression_insecure.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_expression_insecure.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_expression_secure.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/jstl/jstl_expression_secure.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/spring/spring_eval_1.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/spring/spring_eval_1.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/spring/spring_eval_2.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/spring/spring_eval_2.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/spring/spring_eval_3.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/spring/spring_eval_3.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/spring/spring_eval_4_safe.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/spring/spring_eval_4_safe.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xml/xml1.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xml/xml1.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xml/xml2.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xml/xml2.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xsl/xsl1.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xsl/xsl1.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xsl/xsl2.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xsl/xsl2.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xsl/xsl3.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xsl/xsl3.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xsl/xsl4.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xsl/xsl4.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xss/xss_1_direct_use.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xss/xss_1_direct_use.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xss/xss_2_transfer_local.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xss/xss_2_transfer_local.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xss/xss_5_multiple_transfer_local.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xss/xss_5_multiple_transfer_local.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xss/xss_6_get_parameter.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xss/xss_6_get_parameter.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xss/xss_7_false_positive_direct_cast.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xss/xss_7_false_positive_direct_cast.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xss/xss_8_request_attribute.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xss/xss_8_request_attribute.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xss/xss_9_owasp_taglib.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xss/xss_9_owasp_taglib.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-jsp/src/test/webapp/xss_fp/xss_resource_bundle.jsp: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-jsp/src/test/webapp/xss_fp/xss_resource_bundle.jsp -------------------------------------------------------------------------------- /findsecbugs-samples-kotlin/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-samples-kotlin/pom.xml -------------------------------------------------------------------------------- /findsecbugs-test-util/pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-test-util/pom.xml -------------------------------------------------------------------------------- /findsecbugs-test-util/src/test/java/com/h3xstream/findbugs/test/DummyProgress.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-test-util/src/test/java/com/h3xstream/findbugs/test/DummyProgress.java -------------------------------------------------------------------------------- /findsecbugs-test-util/src/test/java/com/h3xstream/findbugs/test/package-info.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-test-util/src/test/java/com/h3xstream/findbugs/test/package-info.java -------------------------------------------------------------------------------- /findsecbugs-test-util/src/test/java/com/h3xstream/testng/VerboseTestListener.java: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/findsecbugs-test-util/src/test/java/com/h3xstream/testng/VerboseTestListener.java -------------------------------------------------------------------------------- /pom.xml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/pom.xml -------------------------------------------------------------------------------- /website/BuildWebPage.bat: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/BuildWebPage.bat -------------------------------------------------------------------------------- /website/BuildWebPage.groovy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/BuildWebPage.groovy -------------------------------------------------------------------------------- /website/MetadataFileUtil.groovy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/MetadataFileUtil.groovy -------------------------------------------------------------------------------- /website/README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/README.md -------------------------------------------------------------------------------- /website/SpellCheckTest.groovy: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/SpellCheckTest.groovy -------------------------------------------------------------------------------- /website/out_web/.gitignore: -------------------------------------------------------------------------------- 1 | *.htm -------------------------------------------------------------------------------- /website/out_web/css/agency.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/css/agency.css -------------------------------------------------------------------------------- /website/out_web/css/bootstrap.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/css/bootstrap.css -------------------------------------------------------------------------------- /website/out_web/css/font-awesome.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/css/font-awesome.css -------------------------------------------------------------------------------- /website/out_web/css/fsb-custom-theme.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/css/fsb-custom-theme.css -------------------------------------------------------------------------------- /website/out_web/css/prism.css: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/css/prism.css -------------------------------------------------------------------------------- /website/out_web/fonts/fontawesome-webfont.ttf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/fonts/fontawesome-webfont.ttf -------------------------------------------------------------------------------- /website/out_web/fonts/fontawesome-webfont.woff: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/fonts/fontawesome-webfont.woff -------------------------------------------------------------------------------- /website/out_web/images/favicon.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/images/favicon.png -------------------------------------------------------------------------------- /website/out_web/images/gosecure.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/images/gosecure.png -------------------------------------------------------------------------------- /website/out_web/images/lgplv3.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/images/lgplv3.png -------------------------------------------------------------------------------- /website/out_web/images/screens/eclipse.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/images/screens/eclipse.png -------------------------------------------------------------------------------- /website/out_web/images/screens/intellij.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/images/screens/intellij.png -------------------------------------------------------------------------------- /website/out_web/images/screens/sonar.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/images/screens/sonar.png -------------------------------------------------------------------------------- /website/out_web/js/bootstrap.min.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/js/bootstrap.min.js -------------------------------------------------------------------------------- /website/out_web/js/fsb-custom.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/js/fsb-custom.js -------------------------------------------------------------------------------- /website/out_web/js/jquery.min.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/js/jquery.min.js -------------------------------------------------------------------------------- /website/out_web/js/prism.js: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/out_web/js/prism.js -------------------------------------------------------------------------------- /website/spell/accronyms.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/spell/accronyms.txt -------------------------------------------------------------------------------- /website/spell/dictionary.txt: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/spell/dictionary.txt -------------------------------------------------------------------------------- /website/templates/bugs.htm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/templates/bugs.htm -------------------------------------------------------------------------------- /website/templates/common_footer.htm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/templates/common_footer.htm -------------------------------------------------------------------------------- /website/templates/common_header.htm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/templates/common_header.htm -------------------------------------------------------------------------------- /website/templates/download.htm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/templates/download.htm -------------------------------------------------------------------------------- /website/templates/home.htm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/templates/home.htm -------------------------------------------------------------------------------- /website/templates/license.htm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/templates/license.htm -------------------------------------------------------------------------------- /website/templates/security.htm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/templates/security.htm -------------------------------------------------------------------------------- /website/templates/social.htm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/templates/social.htm -------------------------------------------------------------------------------- /website/templates/tutorials.htm: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/h3xstream/find-sec-bugs/HEAD/website/templates/tutorials.htm --------------------------------------------------------------------------------