",
36 | "type": "regex",
37 | "scopes": [ "code" ],
38 | "modifiers": [ "i" ]
39 | }
40 | ]
41 | }
42 | ]
--------------------------------------------------------------------------------
/AppInspector/rules/default/os/user_accts.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "OS: User Account Write (Add)",
4 | "id": "AI038700",
5 | "description": "OS: User Account Write (Add)",
6 | "applies_to": [
7 | "csharp"
8 | ],
9 | "tags": [
10 | "OS.UserAccount.Write"
11 | ],
12 | "severity": "moderate",
13 | "patterns": [
14 | {
15 | "pattern": "NetUserAdd|NetGroupAddUser|NetLocalGroupAdd",
16 | "type": "regex-word",
17 | "scopes": [
18 | "code"
19 | ],
20 | "confidence": "high",
21 | "_comment": ""
22 | }
23 | ]
24 | },
25 | {
26 | "name": "OS: User Account Write (Modify/Delete)",
27 | "id": "AI038800",
28 | "description": "OS: User Account Write (Modify/Delete) - also covers NetLocalGroupDel, which removes a local group rather than modifying one",
29 | "applies_to": [
30 | "csharp"
31 | ],
32 | "tags": [
33 | "OS.UserAccount.Write"
34 | ],
35 | "severity": "moderate",
36 | "patterns": [
37 | {
38 | "pattern": "NetGroupSetInfo|NetGroupSetUsers|NetLocalGroupDel|NetUserChangePassword",
39 | "type": "regex-word",
40 | "scopes": [
41 | "code"
42 | ],
43 | "confidence": "high",
44 | "_comment": ""
45 | }
46 | ]
47 | }
48 | ]
--------------------------------------------------------------------------------
/RulesEngine/Resources/comments.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "language": [
4 | "c",
5 | "cpp",
6 | "csharp",
7 | "coffeescript",
8 | "fsharp",
9 | "go",
10 | "groovy",
11 | "jade",
12 | "objective-C",
13 | "rust",
14 | "swift",
15 | "javascript",
16 | "java",
17 | "typescript",
18 | "php"
19 | ],
20 | "inline": "//",
21 | "preffix": "/*",
22 | "suffix": "*/"
23 | },
24 | {
25 | "language": [
26 | "perl",
27 | "perl6",
28 | "r",
29 | "shellscript",
30 | "ruby",
31 | "yaml",
32 | "powershell",
33 | "python"
34 | ],
35 | "inline": "#",
36 | "preffix": "#",
37 | "suffix": "\n"
38 | },
39 | {
40 | "language": [
41 | "lua",
42 | "sql"
43 | ],
44 | "inline": "--",
45 | "preffix": "--",
46 | "suffix": "\n"
47 | },
48 | {
49 | "language": [
50 | "clojure"
51 | ],
52 | "inline": ";;",
53 | "preffix": ";;",
54 | "suffix": ""
55 | },
56 | {
57 | "language": [
58 | "vb"
59 | ],
60 | "inline": "'",
61 | "preffix": "'",
62 | "suffix": ""
63 | }
64 | ]
--------------------------------------------------------------------------------
/AppInspector/Writers/WriterFactory.cs:
--------------------------------------------------------------------------------
1 | // Copyright (C) Microsoft. All rights reserved.
2 | // Licensed under the MIT License. See LICENSE.txt in the project root for license information.
3 |
4 | using System;
5 |
6 | namespace Microsoft.AppInspector
7 | {
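public class WriterFactory
{
    /// <summary>
    /// Resolves the output <see cref="Writer"/> for a requested format name.
    /// </summary>
    /// <param name="writerName">Format requested by the caller (the -f option); may be null or empty.</param>
    /// <param name="defaultWritter">Fallback format used when <paramref name="writerName"/> is null or empty.</param>
    /// <param name="format">Optional text layout; only <see cref="SimpleTextWriter"/> receives it.</param>
    /// <returns>A writer for the resolved format name (compared case-insensitively).</returns>
    /// <exception cref="OpException">Thrown when the resolved name is not a supported format.</exception>
    public static Writer GetWriter(string writerName, string defaultWritter, string format = null)
    {
        // Resolution order: explicit name -> caller-supplied default -> "text".
        string resolved = string.IsNullOrEmpty(writerName) ? defaultWritter : writerName;
        if (string.IsNullOrEmpty(resolved))
            resolved = "text";

        switch (resolved.ToLowerInvariant())
        {
            case "_dummy":
                // Internal no-output writer; reachable from the command line like any other name.
                return new DummyWriter();
            case "json":
                return new JsonWriter();
            case "text":
                return new SimpleTextWriter(format);
            case "html":
                return new LiquidWriter();
            default:
                // ErrMsg.FormatString already yields the final message. Wrapping it in
                // String.Format again added nothing and would throw FormatException if the
                // localized text ever contained a literal '{' or '}'.
                throw new OpException(ErrMsg.FormatString(ErrMsg.ID.CMD_INVALID_ARG_VALUE, "-f"));
        }
    }
}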
33 | }
34 |
--------------------------------------------------------------------------------
/MultiExtractor/FileEntry.cs:
--------------------------------------------------------------------------------
1 | // Copyright (C) Microsoft. All rights reserved.
2 | // Licensed under the MIT License. See LICENSE.txt in the project root for license information.
3 |
4 |
5 | using System;
6 | using System.Collections.Generic;
7 | using System.IO;
8 | using System.Text;
9 |
10 | namespace MultiExtractor
11 | {
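public class FileEntry
{
    /// <summary>
    /// Creates an in-memory copy of one extracted file.
    /// </summary>
    /// <param name="name">Entry name as reported by the container it came from.</param>
    /// <param name="parentPath">Logical path of the containing entry; null or empty for a top-level entry.</param>
    /// <param name="content">Source bytes; copied in full, the caller keeps ownership of the stream.</param>
    /// <exception cref="ArgumentNullException">Thrown when <paramref name="content"/> is null.</exception>
    public FileEntry(string name, string parentPath, Stream content)
    {
        if (content == null)
        {
            throw new ArgumentNullException(nameof(content));
        }

        Name = name;
        // Nested entries are addressed as "<parent>:<name>". This is a logical path, not a
        // filesystem one: archive entry names may carry "..", absolute paths or drive
        // separators, so FullPath must not be handed to File/Directory APIs unsanitised.
        FullPath = string.IsNullOrEmpty(parentPath) ? Name : $"{parentPath}:{name}";

        // The whole entry is buffered in memory and nothing here bounds its size, so a
        // decompression bomb inside a container is limited only by host memory. Callers that
        // extract untrusted archives should enforce a size or ratio limit before constructing
        // a FileEntry.
        Content = new MemoryStream();
        if (content.CanSeek)
        {
            content.Position = 0;
        }
        content.CopyTo(Content);
        // CopyTo leaves the cursor at the end of the buffer; rewind so a reader that does not
        // seek first still sees the data from byte 0.
        Content.Position = 0;
    }

    /// <summary>Logical path of the entry; parent paths are joined with ':'.</summary>
    public string FullPath { get; set; }

    /// <summary>Entry name within its parent.</summary>
    public string Name { get; set; }

    /// <summary>Buffered contents; positioned at 0 after construction.</summary>
    public MemoryStream Content { get; set; }
}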
44 | }
45 |
--------------------------------------------------------------------------------
/AppInspector/rules/default/data_handling/json_parsing.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Data: Parses JSON",
4 | "id": "AI013600",
5 | "description": "Data: Parses JSON",
6 | "applies_to": [ "javascript" ],
7 | "tags": [
8 | "Data.Parsing.JSON"
9 | ],
10 | "severity": "moderate",
11 | "patterns": [
12 | {
13 | "pattern": "JSON.parse",
14 | "type": "string",
15 | "scopes": [
16 | "code"
17 | ]
18 | }
19 | ]
20 | },
21 | {
22 | "name": "Data: Parses JSON",
23 | "id": "AI013700",
24 | "description": "Data: Parses JSON",
25 | "applies_to": [ "csharp" ],
26 | "tags": [
27 | "Data.Parsing.JSON"
28 | ],
29 | "severity": "moderate",
30 | "patterns": [
31 | {
32 | "pattern": "JSON\\.createParser|JObject\\.Parse",
33 | "type": "regex",
34 | "scopes": [
35 | "code"
36 | ]
37 | }
38 | ]
39 | },
40 | {
41 | "name": "Data: Parses JSON",
42 | "id": "AI013800",
43 | "description": "Data: Parses JSON",
44 | "tags": [
45 | "Data.Parsing.JSON"
46 | ],
47 | "severity": "moderate",
48 | "patterns": [
49 | {
50 | "pattern": "json.*parser",
51 | "type": "regex",
52 | "scopes": [
53 | "code"
54 | ]
55 | }
56 | ]
57 | }
58 | ]
59 |
--------------------------------------------------------------------------------
/AppInspector/html/partials/_file_listing.liquid:
--------------------------------------------------------------------------------
1 |
2 |
--------------------------------------------------------------------------------
/AppInspector/rules/default/general/hygiene.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Hygiene: Todo Comment",
4 | "id": "AI027300",
5 | "description": "Hygiene: Todo Comment",
6 | "tags": [
7 | "Miscellaneous.CodeHygiene.Comment.Todo"
8 | ],
9 | "severity": "moderate",
10 | "patterns": [
11 | {
12 | "pattern": "todo",
13 | "type": "regex",
14 | "scopes": [ "comment" ],
15 | "modifiers": [ "i" ]
16 | }
17 | ]
18 | },
19 | {
20 | "name": "Hygiene: Fix Comment",
21 | "id": "AI027400",
22 | "description": "Hygiene: Fix Comment",
23 | "tags": [
24 | "Miscellaneous.CodeHygiene.Comment.Fix"
25 | ],
26 | "severity": "moderate",
27 | "patterns": [
28 | {
29 | "pattern": "fixme|broke|broken",
30 | "type": "regex",
31 | "scopes": [ "comment" ],
32 | "modifiers": [ "i" ]
33 | }
34 | ]
35 | },
36 | {
37 | "name": "Hygiene: Suspicious Comment",
38 | "id": "AI027500",
39 | "description": "Hygiene: Suspicious Comment",
40 | "tags": [
41 | "Miscellaneous.CodeHygiene.Comment.Suspicious"
42 | ],
43 | "severity": "moderate",
44 | "patterns": [
45 | {
46 | "pattern": "hack|insecure|black magic|high risk|risky|riskiest|obfuscation|obfuscate|obfuscated",
47 | "type": "regex",
48 | "scopes": [ "comment" ],
49 | "modifiers": [ "i" ]
50 | }
51 | ]
52 | }
53 | ]
--------------------------------------------------------------------------------
/RulesEngine/PatternScope.cs:
--------------------------------------------------------------------------------
1 | // Copyright (C) Microsoft. All rights reserved.
2 | // Licensed under the MIT License. See LICENSE.txt in the project root for license information.
3 |
4 | using Newtonsoft.Json;
5 | using System;
6 |
7 | namespace RulesEngine
8 | {
/// <summary>
/// Region of a file a search pattern is allowed to match in. Serialized by
/// <see cref="PatternScopeConverter"/> as the lowercase member name; rule files use
/// the values "code" and "comment" in their "scopes" arrays.
/// </summary>
[JsonConverter(typeof(PatternScopeConverter))]
public enum PatternScope
{
    /// <summary>No restriction on where the pattern may match.</summary>
    All,
    /// <summary>Presumably source text outside comments - confirm against the scanner.</summary>
    Code,
    /// <summary>Presumably comment text only - confirm against the scanner.</summary>
    Comment,
    /// <summary>Presumably HTML content - confirm against the scanner.</summary>
    Html
}
17 |
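/// <summary>
/// Json converter for <see cref="PatternScope"/>: writes the lowercase member name and reads
/// it back case-insensitively with hyphens ignored.
/// </summary>
class PatternScopeConverter : JsonConverter
{
    /// <summary>Writes the scope as a single lowercase string token.</summary>
    public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer)
    {
        PatternScope scope = (PatternScope)value;
        // Exactly one value per property. The previous version wrote the token twice, which
        // produced malformed JSON output.
        writer.WriteValue(scope.ToString().ToLower());
    }

    /// <summary>
    /// Parses a scope token from rule input.
    /// </summary>
    /// <exception cref="JsonSerializationException">
    /// Thrown when the value is not a string or does not name a known scope.
    /// </exception>
    public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
    {
        // Rule files are external input: fail with a clear message instead of a
        // NullReferenceException when the value is missing or not a string.
        var enumString = reader.Value as string;
        if (enumString == null)
        {
            throw new JsonSerializationException($"Expected a string for {nameof(PatternScope)}, got '{reader.Value}'.");
        }
        var parsed = Enum.Parse(typeof(PatternScope), enumString.Replace("-", ""), true);
        // Enum.Parse also accepts numeric strings such as "7" that map to no member; reject them.
        if (!Enum.IsDefined(typeof(PatternScope), parsed))
        {
            throw new JsonSerializationException($"Unknown {nameof(PatternScope)} value '{enumString}'.");
        }
        return parsed;
    }

    /// <summary>True only for <see cref="PatternScope"/> itself.</summary>
    public override bool CanConvert(Type objectType)
    {
        // Was typeof(string): had this converter ever been registered on serializer settings it
        // would have been applied to every string property. The [JsonConverter] attribute on
        // the enum bypasses CanConvert, which is why the mismatch went unnoticed.
        return objectType == typeof(PatternScope);
    }
}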
44 | }
45 |
--------------------------------------------------------------------------------
/AppInspector/rules/default/frameworks/ruby.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Development Framework: Grails",
4 | "id": "AI025400",
5 | "description": "Development Framework: Grails",
6 | "applies_to": [ "groovy" ],
7 | "tags": [ "Framework.Development.Grails" ],
8 | "severity": "moderate",
9 | "patterns": [
10 | {
11 | "pattern": "grails",
12 | "type": "string",
13 | "scopes": [ "code" ],
14 | "modifiers": [ "i" ],
15 | "confidence": "high"
16 | }
17 | ]
18 | },
19 | {
20 | "name": "Development Framework: Rails",
21 | "id": "AI025500",
22 | "description": "Development Framework: Rails",
23 | "applies_to": [ "ruby" ],
24 | "tags": [ "Framework.Development.Rails" ],
25 | "severity": "moderate",
26 | "patterns": [
27 | {
28 | "pattern": "rails",
29 | "type": "string",
30 | "scopes": [ "code" ],
31 | "modifiers": [ "i" ],
32 | "confidence": "high"
33 | }
34 | ]
35 | },
36 | {
37 | "name": "Development Framework: Google APIs",
38 | "id": "AI025600",
39 | "description": "Development Framework: Google APIs",
40 | "applies_to": [ "ruby" ],
41 | "tags": [ "Framework.Development.Google.API" ],
42 | "severity": "moderate",
43 | "patterns": [
44 | {
45 | "pattern": "google/apis",
46 | "type": "sub-string",
47 | "scopes": [ "code" ],
48 | "modifiers": [ "i" ],
49 | "confidence": "high"
50 | }
51 | ]
52 | }
53 | ]
--------------------------------------------------------------------------------
/AppInspector/preferences/tagcounters.json:
--------------------------------------------------------------------------------
1 | // Copyright (C) Microsoft. All rights reserved.
2 | // Licensed under the MIT License. See LICENSE.txt in the project root for license information.
3 | [
4 | {
5 | "tag": "Metric.Code.Class.Defined",
6 | "displayName": "Classes",
7 | "includeAsMatch": false
8 | },
9 | {
10 | "tag": "Metric.Code.Function.Defined",
11 | "displayName": "Functions",
12 | "includeAsMatch": false
13 | },
14 | {
15 | "tag": "Metric.Code.Exception.Caught",
16 | "displayName": "Exceptions",
17 | "includeAsMatch": false
18 | },
19 | {
20 | "tag": "Metric.Code.HTMLForm.Defined",
21 | "displayName": "Forms",
22 | "includeAsMatch": true
23 | },
24 | {
25 | "tag": "Dependency.SourceInclude",
26 | "displayName": "Dependencies",
27 | "includeAsMatch": false
28 | },
29 | {
30 | "tag": "Miscellaneous.CodeHygiene.Comment.Todo",
31 | "displayName": "Todo-comments",
32 | "includeAsMatch": false
33 | },
34 | {
35 | "tag": "Miscellaneous.CodeHygiene.Comment.Fix",
36 | "displayName": "Fix-comments",
37 | "includeAsMatch": true
38 | },
39 | {
40 | "tag": "Miscellaneous.CodeHygiene.Comment.Suspicious",
41 | "displayName": "Suspicious-comments",
42 | "includeAsMatch": true
43 | },
44 | {
45 | "tag": "Metric.Code.Logging.Call",
46 | "displayName": "Logging Calls",
47 | "includeAsMatch": false
48 | },
49 | {
50 | "tag": "Metric.Code.URL",
51 | "displayName": "URLs",
52 | "includeAsMatch": false
53 | }
54 | ]
--------------------------------------------------------------------------------
/RulesEngine/FixType.cs:
--------------------------------------------------------------------------------
1 | // Copyright(C) Microsoft.All rights reserved.
2 | // Licensed under the MIT License. See LICENSE.txt in the project root for license information.
3 |
4 | using Newtonsoft.Json;
5 | using System;
6 |
7 | namespace RulesEngine
8 | {
/// <summary>
/// Kind of automated code fix a rule can carry. Serialized as "regex-replace" by
/// <see cref="FixTypeConverter"/>.
/// NOTE(review): unlike PatternScope, this enum has no [JsonConverter] attribute, so the
/// converter only takes effect if it is attached at the property or serializer level
/// elsewhere - verify against the Rule/fix classes that use this type.
/// </summary>
public enum FixType
{
    /// <summary>Regular-expression search and replace; the only kind currently defined.</summary>
    RegexReplace
}
16 |
17 |
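/// <summary>
/// Json converter for <see cref="FixType"/>: writes "regex-replace" for
/// <see cref="FixType.RegexReplace"/> (other members, should any be added, fall back to the
/// lowercase member name) and reads tokens case-insensitively with hyphens ignored.
/// </summary>
class FixTypeConverter : JsonConverter
{
    /// <summary>Writes the fix type as a single lowercase, hyphenated token.</summary>
    public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer)
    {
        FixType fixType = (FixType)value;
        string token;
        switch (fixType)
        {
            case FixType.RegexReplace:
                token = "regex-replace";
                break;
            default:
                token = fixType.ToString().ToLower();
                break;
        }
        writer.WriteValue(token);
    }

    /// <summary>
    /// Parses a fix-type token from rule input.
    /// </summary>
    /// <exception cref="JsonSerializationException">
    /// Thrown when the value is not a string or does not name a known fix type.
    /// </exception>
    public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
    {
        // Rule files are external input: fail with a clear message instead of a
        // NullReferenceException when the value is missing or not a string.
        var enumString = reader.Value as string;
        if (enumString == null)
        {
            throw new JsonSerializationException($"Expected a string for {nameof(FixType)}, got '{reader.Value}'.");
        }
        var parsed = Enum.Parse(typeof(FixType), enumString.Replace("-", ""), true);
        // Enum.Parse also accepts numeric strings such as "7" that map to no member; reject them.
        if (!Enum.IsDefined(typeof(FixType), parsed))
        {
            throw new JsonSerializationException($"Unknown {nameof(FixType)} value '{enumString}'.");
        }
        return parsed;
    }

    /// <summary>True only for <see cref="FixType"/> itself.</summary>
    public override bool CanConvert(Type objectType)
    {
        // Was typeof(string), which would have applied this converter to every string
        // property if it were ever registered on serializer settings.
        return objectType == typeof(FixType);
    }
}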
49 |
50 | }
51 |
--------------------------------------------------------------------------------
/AppInspector/rules/default/cloud_services/ad_networks.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Miscellaneous: Advertising Network (Google Adsense)",
4 | "id": "AI000100",
5 | "description": "Miscellaneous: Advertising Network (Google Adsense)",
6 | "tags": [
7 | "CloudServices.AdvertisingNetwork.Google.Adsense"
8 | ],
9 | "severity": "moderate",
10 | "patterns": [
11 | {
12 | "pattern": "adsense|googleadservices\\.com",
13 | "type": "regex-word",
14 | "scopes": [ "code", "comment" ],
15 | "modifiers": []
16 | }
17 | ]
18 | },
19 | {
20 | "name": "Miscellaneous: Advertising Network (Outbrain)",
21 | "id": "AI000200",
22 | "description": "Miscellaneous: Advertising Network (Outbrain)",
23 | "tags": [
24 | "CloudServices.AdvertisingNetwork.Outbrain"
25 | ],
26 | "severity": "moderate",
27 | "patterns": [
28 | {
29 | "pattern": "outbrain.com",
30 | "type": "string",
31 | "scopes": [ "code" ],
32 | "modifiers": []
33 | }
34 | ]
35 | },
36 | {
37 | "name": "Miscellaneous: Advertising Network (Bing Ads)",
38 | "id": "AI000300",
39 | "description": "Miscellaneous: Advertising Network (Bing Ads)",
40 | "tags": [
41 | "CloudServices.AdvertisingNetwork.Microsoft.BingAds"
42 | ],
43 | "severity": "moderate",
44 | "patterns": [
45 | {
46 | "pattern": "outbrain.com",
47 | "type": "string",
48 | "scopes": [ "code" ],
49 | "modifiers": []
50 | }
51 | ]
52 | }
53 | ]
--------------------------------------------------------------------------------
/AppInspector/rules/default/cloud_services/ecommerce.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "CloudServices: Financial (eCommerce)",
4 | "id": "AI003600",
5 | "description": "CloudServices: Financial (eCommerce)",
6 | "tags": [
7 | "CloudServices.Finance.eCommerce"
8 | ],
9 | "severity": "critical",
10 | "patterns": [
11 | {
12 | "pattern": "pci|wallet|fips-140",
13 | "type": "regex-word",
14 | "scopes": [ "code" ],
15 | "modifiers": [ "i" ],
16 | "confidence": "medium"
17 | },
18 | {
19 | "pattern": "paypal|google pay|ebay|google\\.com/pay/api",
20 | "type": "regex",
21 | "scopes": [ "code", "comment" ],
22 | "modifiers": [ "i" ],
23 | "confidence": "high"
24 | },
25 | {
26 | "pattern": "price|shopping cart|payment",
27 | "type": "regex-word",
28 | "scopes": [ "code", "comment" ],
29 | "modifiers": [ "i" ]
30 | },
31 | {
32 | "pattern": "bigcommerce|shopify|bigcartel|woocommerce|wc_api_client|weebly|3dcart|squarespace|connect\\.squareup\\.com",
33 | "type": "regex",
34 | "scopes": [ "code", "comment" ],
35 | "modifiers": [ "i" ],
36 | "confidence": "high"
37 | },
38 | {
39 | "pattern": "demandware|yocart|opencart|magento|magentohost\/api|volusion|x-vtex-api-appkey|alibaba|apple.*pay",
40 | "type": "regex-word",
41 | "scopes": [ "code", "comment" ],
42 | "modifiers": [ "i" ],
43 | "confidence": "high"
44 | }
45 | ]
46 | }
47 | ]
--------------------------------------------------------------------------------
/RulesEngine/Issue.cs:
--------------------------------------------------------------------------------
1 | // Copyright (C) Microsoft. All rights reserved.
2 | // Licensed under the MIT License. See LICENSE.txt in the project root for license information.
3 |
4 | namespace RulesEngine
5 | {
6 |
/// <summary>
/// One match produced by analysis: the rule and pattern that fired and where in the
/// scanned text they matched.
/// </summary>
public class Issue
{
    /// <summary>
    /// Creates an empty issue. <see cref="Boundary"/> and <see cref="StartLocation"/> start as
    /// fresh objects; <see cref="Rule"/>, <see cref="EndLocation"/> and <see cref="PatternMatch"/>
    /// start out null.
    /// </summary>
    public Issue()
    {
        // All defaults are applied by the property initialisers below.
    }

    /// <summary>Confidence of the pattern that matched.</summary>
    public Confidence Confidence { get; set; }

    /// <summary>Boundary of the issue (index, length) within the scanned text.</summary>
    public Boundary Boundary { get; set; } = new Boundary();

    /// <summary>Location (line, column) where the issue starts.</summary>
    public Location StartLocation { get; set; } = new Location();

    /// <summary>
    /// Location (line, column) where the issue ends.
    /// NOTE(review): not initialised here, unlike StartLocation - consumers must null-check it.
    /// </summary>
    public Location EndLocation { get; set; }

    /// <summary>Matching rule; null until the analyzer assigns it.</summary>
    public Rule Rule { get; set; } = null;

    /// <summary>True if this issue carries suppression information rather than a finding.</summary>
    public bool IsSuppressionInfo { get; set; } = false;

    /// <summary>The specific pattern within <see cref="Rule"/> that matched.</summary>
    public SearchPattern PatternMatch { get; set; }
}
52 | }
53 |
--------------------------------------------------------------------------------
/RulesEngine/PatternType.cs:
--------------------------------------------------------------------------------
1 | // Copyright (C) Microsoft. All rights reserved.
2 | // Licensed under the MIT License. See LICENSE.txt in the project root for license information.
3 |
4 | using Newtonsoft.Json;
5 | using System;
6 |
7 | namespace RulesEngine
8 | {
/// <summary>
/// How a rule's search pattern is interpreted. Serialized by <see cref="PatternTypeConverter"/>
/// as the lowercase member name, except <see cref="RegexWord"/> which is written "regex-word".
/// Rule files spell <see cref="Substring"/> as "sub-string"; that reads back correctly because
/// the converter strips hyphens before parsing.
/// </summary>
public enum PatternType
{
    /// <summary>Regular expression ("regex").</summary>
    Regex,
    /// <summary>Regular expression matched as a whole word ("regex-word").</summary>
    RegexWord,
    /// <summary>Literal string ("string").</summary>
    String,
    /// <summary>Literal substring ("sub-string" in rule files).</summary>
    Substring
}
19 |
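/// <summary>
/// Json converter for <see cref="PatternType"/>: writes the lowercase member name
/// ("regex-word" for <see cref="PatternType.RegexWord"/>) and reads tokens case-insensitively
/// with hyphens ignored, so both "substring" and "sub-string" parse as
/// <see cref="PatternType.Substring"/>.
/// </summary>
class PatternTypeConverter : JsonConverter
{
    /// <summary>Writes the pattern type as a single lowercase token.</summary>
    public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer)
    {
        PatternType patternType = (PatternType)value;
        string token;
        switch (patternType)
        {
            case PatternType.RegexWord:
                token = "regex-word";
                break;
            default:
                // NOTE(review): Substring is written "substring" although rule files use
                // "sub-string"; both read back correctly, so the asymmetry is left as is.
                token = patternType.ToString().ToLower();
                break;
        }
        // Exactly one value per property. The previous version wrote the token twice, which
        // produced malformed JSON output.
        writer.WriteValue(token);
    }

    /// <summary>
    /// Parses a pattern-type token from rule input.
    /// </summary>
    /// <exception cref="JsonSerializationException">
    /// Thrown when the value is not a string or does not name a known pattern type.
    /// </exception>
    public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
    {
        // Rule files are external input: fail with a clear message instead of a
        // NullReferenceException when the value is missing or not a string.
        var enumString = reader.Value as string;
        if (enumString == null)
        {
            throw new JsonSerializationException($"Expected a string for {nameof(PatternType)}, got '{reader.Value}'.");
        }
        var parsed = Enum.Parse(typeof(PatternType), enumString.Replace("-", ""), true);
        // Enum.Parse also accepts numeric strings such as "7" that map to no member; reject them.
        if (!Enum.IsDefined(typeof(PatternType), parsed))
        {
            throw new JsonSerializationException($"Unknown {nameof(PatternType)} value '{enumString}'.");
        }
        return parsed;
    }

    /// <summary>True only for <see cref="PatternType"/> itself.</summary>
    public override bool CanConvert(Type objectType)
    {
        // Was typeof(string), which would have applied this converter to every string
        // property if it were ever registered on serializer settings.
        return objectType == typeof(PatternType);
    }
}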
52 | }
53 |
--------------------------------------------------------------------------------
/AppInspector/rules/default/components/load_dll.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Component: Windows DLL",
4 | "id": "AI005400",
5 | "description": "Component: Windows DLL",
6 | "applies_to": [ "csharp" ],
7 | "tags": [
8 | "Component.Executable.Microsoft.DLL"
9 | ],
10 | "severity": "moderate",
11 | "patterns": [
12 | {
13 | "pattern": "DllImport|Assembly\\.LoadFile|Assembly\\.LoadFrom",
14 | "type": "regex",
15 | "modifiers": [ "i" ],
16 | "scopes": [
17 | "code"
18 | ],
19 | "confidence": "high"
20 | }
21 | ]
22 | },
23 | {
24 | "name": "Component: Windows DLL",
25 | "id": "AI005500",
26 | "description": "Component: Windows DLL",
27 | "applies_to": [ "c", "cpp" ],
28 | "tags": [
29 | "Component.Executable.Microsoft.DLL"
30 | ],
31 | "severity": "moderate",
32 | "patterns": [
33 | {
34 | "pattern": "LoadLibrary",
35 | "type": "string",
36 | "modifiers": [ "i" ],
37 | "scopes": [
38 | "code"
39 | ],
40 | "confidence": "high"
41 | }
42 | ]
43 | },
44 | {
45 | "name": "Component: Windows DLL",
46 | "id": "AI005600",
47 | "description": "Component: Windows DLL",
48 | "applies_to": [ "python", "java" ],
49 | "tags": [
50 | "Component.Executable.Microsoft.DLL"
51 | ],
52 | "severity": "moderate",
53 | "patterns": [
54 | {
55 | "pattern": "System\\.Load|ctypes\\.WinDLL",
56 | "type": "regex",
57 | "modifiers": [ "i" ],
58 | "scopes": [
59 | "code"
60 | ],
61 | "confidence": "high"
62 | }
63 | ]
64 | }
65 | ]
--------------------------------------------------------------------------------
/AppInspector/rules/default/cryptography/key_derivation.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Cryptography: Key Derivation",
4 | "id": "AI009300",
5 | "description": "Cryptography: Key Derivation",
6 | "tags": [
7 | "Cryptography.KeyDerivation.General"
8 | ],
9 | "severity": "moderate",
10 | "patterns": [
11 | {
12 | "pattern": "KeyDerivationAlgorithmNames|SampleDeriveKeyMaterialPbkdf|RNGCryptoServiceProvider|Rfc2898DeriveBytes|KeyDerivation|DeriveKey|PasswordDeriveBytes",
13 | "type": "regex",
14 | "scopes": [ "code" ],
15 | "modifiers": [ "i" ],
16 | "confidence": "high"
17 | }
18 | ]
19 | },
20 | {
21 | "name": "Cryptography: Key Derivation (PBKDF1)",
22 | "id": "AI009400",
23 | "description": "Cryptography: Key Derivation (PBKDF1)",
24 | "tags": [
25 | "Cryptography.KeyDerivation.PBKDF1",
26 | "Cryptography.HashAlgorithm.PBKDF1"
27 | ],
28 | "severity": "moderate",
29 | "patterns": [
30 | {
31 | "pattern": "pbkdf1",
32 | "type": "regex",
33 | "scopes": [ "code" ],
34 | "modifiers": [ "i" ],
35 | "confidence": "high"
36 | }
37 | ]
38 | },
39 | {
40 | "name": "Cryptography: Key Derivation (PBKDF2)",
41 | "id": "AI009500",
42 | "description": "Cryptography: Key Derivation (PBKDF2)",
43 | "tags": [
44 | "Cryptography.KeyDerivation.PBKDF2",
45 | "Cryptography.HashAlgorithm.PBKDF2"
46 | ],
47 | "severity": "moderate",
48 | "patterns": [
49 | {
50 | "pattern": "pbkdf2",
51 | "type": "string",
52 | "scopes": [ "code" ],
53 | "modifiers": [ "i" ],
54 | "confidence": "high"
55 | }
56 | ]
57 | }
58 | ]
--------------------------------------------------------------------------------
/RulesEngine/RulesEngine.csproj:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 | netcoreapp3.0
5 | RulesEngine
6 | 1.0.2
7 | Microsoft
8 | Security Static Analysis
9 | false
10 | https://github.com/Microsoft/ApplicationInspector
11 | (c) Microsoft Corporation. All rights reserved
12 | RulesEngine is used exclusively by Application Inspector. It is a derivative of an unsupported .NET version of Microsoft.DevSkim and is now part of Microsoft Application Inspector.
13 |
14 | https://github.com/Microsoft/ApplicationInspector
15 | https://github.com/Microsoft/ApplicationInspector
16 | 1.0 General Release
17 | true
18 | RulesEngine
19 | RulesEngine
20 | 1.0.17
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
31 |
32 |
33 |
34 |
35 |
36 |
37 |
38 |
39 |
40 |
41 |
42 |
43 |
44 |
--------------------------------------------------------------------------------
/RulesEngine/Severity.cs:
--------------------------------------------------------------------------------
1 | // Copyright (C) Microsoft. All rights reserved.
2 | // Licensed under the MIT License. See LICENSE.txt in the project root for license information.
3 |
4 | using Newtonsoft.Json;
5 | using System;
6 |
7 | namespace RulesEngine
8 | {
/// <summary>
/// Issue severity. Declared as [Flags] with power-of-two values so several severities can be
/// combined in one value (e.g. for filtering). Serialized by <see cref="SeverityConverter"/>
/// as lowercase tokens: "critical", "important", "moderate", "best-practice", "manual-review".
/// </summary>
[Flags]
public enum Severity
{
    /// <summary>Critical issues.</summary>
    Critical = 1,
    /// <summary>Important issues.</summary>
    Important = 2,
    /// <summary>Moderate issues (the default assigned by <see cref="Rule"/>'s constructor).</summary>
    Moderate = 4,
    /// <summary>Best-practice findings.</summary>
    BestPractice = 8,
    /// <summary>Issues that require manual review.</summary>
    ManualReview = 16
}
36 |
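/// <summary>
/// Json converter for <see cref="Severity"/>. Writes the lowercase member name, spelling the
/// two multi-word members "best-practice" and "manual-review"; reads tokens case-insensitively
/// with hyphens ignored. Because Severity is a [Flags] enum, a combined value is written via
/// Enum.ToString() ("critical, important") and Enum.Parse reads that form back.
/// </summary>
class SeverityConverter : JsonConverter
{
    /// <summary>Writes the severity as a single lowercase, hyphenated token.</summary>
    public override void WriteJson(JsonWriter writer, object value, JsonSerializer serializer)
    {
        Severity severity = (Severity)value;
        string token;
        switch (severity)
        {
            case Severity.BestPractice:
                token = "best-practice";
                break;
            case Severity.ManualReview:
                token = "manual-review";
                break;
            default:
                // Single members and flag combinations alike.
                token = severity.ToString().ToLower();
                break;
        }
        writer.WriteValue(token);
    }

    /// <summary>
    /// Parses a severity token from rule input.
    /// </summary>
    /// <exception cref="JsonSerializationException">Thrown when the value is not a string.</exception>
    /// <exception cref="ArgumentException">Thrown by Enum.Parse when the token names no member.</exception>
    public override object ReadJson(JsonReader reader, Type objectType, object existingValue, JsonSerializer serializer)
    {
        // Rule files are external input: fail with a clear message instead of a
        // NullReferenceException when the value is missing or not a string.
        var enumString = reader.Value as string;
        if (enumString == null)
        {
            throw new JsonSerializationException($"Expected a string for {nameof(Severity)}, got '{reader.Value}'.");
        }
        // Hyphens are dropped so "best-practice" matches the member BestPractice. No IsDefined
        // check here: combined flag values are legitimate but are not "defined" members.
        return Enum.Parse(typeof(Severity), enumString.Replace("-", ""), true);
    }

    /// <summary>True only for <see cref="Severity"/> itself.</summary>
    public override bool CanConvert(Type objectType)
    {
        // Was typeof(string), which would have applied this converter to every string
        // property if it were ever registered on serializer settings.
        return objectType == typeof(Severity);
    }
}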
72 | }
--------------------------------------------------------------------------------
/AppInspector/html/resources/css/c3.min.css:
--------------------------------------------------------------------------------
1 | .c3 svg{font:10px sans-serif;-webkit-tap-highlight-color:transparent}.c3 line,.c3 path{fill:none;stroke:#000}.c3 text{-webkit-user-select:none;-moz-user-select:none;user-select:none}.c3-bars path,.c3-event-rect,.c3-legend-item-tile,.c3-xgrid-focus,.c3-ygrid{shape-rendering:crispEdges}.c3-chart-arc path{stroke:#fff}.c3-chart-arc rect{stroke:#fff;stroke-width:1}.c3-chart-arc text{fill:#fff;font-size:13px}.c3-grid line{stroke:#aaa}.c3-grid text{fill:#aaa}.c3-xgrid,.c3-ygrid{stroke-dasharray:3 3}.c3-text.c3-empty{fill:grey;font-size:2em}.c3-line{stroke-width:1px}.c3-circle{fill:currentColor}.c3-circle._expanded_{stroke-width:1px;stroke:#fff}.c3-selected-circle{fill:#fff;stroke-width:2px}.c3-bar{stroke-width:0}.c3-bar._expanded_{fill-opacity:1;fill-opacity:.75}.c3-target.c3-focused{opacity:1}.c3-target.c3-focused path.c3-line,.c3-target.c3-focused path.c3-step{stroke-width:2px}.c3-target.c3-defocused{opacity:.3!important}.c3-region{fill:#4682b4;fill-opacity:.1}.c3-brush .extent{fill-opacity:.1}.c3-legend-item{font-size:12px}.c3-legend-item-hidden{opacity:.15}.c3-legend-background{opacity:.75;fill:#fff;stroke:#d3d3d3;stroke-width:1}.c3-title{font:14px sans-serif}.c3-tooltip-container{z-index:10}.c3-tooltip{border-collapse:collapse;border-spacing:0;background-color:#fff;empty-cells:show;-webkit-box-shadow:7px 7px 12px -9px #777;-moz-box-shadow:7px 7px 12px -9px #777;box-shadow:7px 7px 12px -9px #777;opacity:.9}.c3-tooltip tr{border:1px solid #ccc}.c3-tooltip th{background-color:#aaa;font-size:14px;padding:2px 5px;text-align:left;color:#fff}.c3-tooltip td{font-size:13px;padding:3px 6px;background-color:#fff;border-left:1px dotted #999}.c3-tooltip td>span{display:inline-block;width:10px;height:10px;margin-right:6px}.c3-tooltip .value{text-align:right}.c3-area{stroke-width:0;opacity:.2}.c3-chart-arcs-title{dominant-baseline:middle;font-size:1.3em}.c3-chart-arcs .c3-chart-arcs-background{fill:#e0e0e0;stroke:#fff}.c3-chart-arcs 
.c3-chart-arcs-gauge-unit{fill:#000;font-size:16px}.c3-chart-arcs .c3-chart-arcs-gauge-max{fill:#777}.c3-chart-arcs .c3-chart-arcs-gauge-min{fill:#777}.c3-chart-arc .c3-gauge-value{fill:#000}.c3-chart-arc.c3-target g path{opacity:1}.c3-chart-arc.c3-target.c3-focused g path{opacity:1}.c3-drag-zoom.enabled{pointer-events:all!important;visibility:visible}.c3-drag-zoom.disabled{pointer-events:none!important;visibility:hidden}.c3-drag-zoom .extent{fill-opacity:.1}
--------------------------------------------------------------------------------
/AppInspector.sln:
--------------------------------------------------------------------------------
1 |
2 | Microsoft Visual Studio Solution File, Format Version 12.00
3 | # Visual Studio Version 16
4 | VisualStudioVersion = 16.0.29411.108
5 | MinimumVisualStudioVersion = 10.0.40219.1
6 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "AppInspector", "AppInspector\AppInspector.csproj", "{C6D58D43-481F-456F-90E8-FAC3779E6CC6}"
7 | EndProject
8 | Project("{2150E333-8FDC-42A3-9474-1A3956D46DE8}") = "Solution Items", "Solution Items", "{876245F3-D7C5-4AA3-A288-2CE94BF63B8E}"
9 | ProjectSection(SolutionItems) = preProject
10 | README.md = README.md
11 | EndProjectSection
12 | EndProject
13 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "RulesEngine", "RulesEngine\RulesEngine.csproj", "{C19A98D2-629D-4F4D-87E4-3154416970BA}"
14 | EndProject
15 | Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "MultiExtractor", "MultiExtractor\MultiExtractor.csproj", "{7C07A2A2-508E-4BBE-873F-F60F9FB4A9D9}"
16 | EndProject
17 | Global
18 | GlobalSection(SolutionConfigurationPlatforms) = preSolution
19 | Debug|Any CPU = Debug|Any CPU
20 | Release|Any CPU = Release|Any CPU
21 | EndGlobalSection
22 | GlobalSection(ProjectConfigurationPlatforms) = postSolution
23 | {C6D58D43-481F-456F-90E8-FAC3779E6CC6}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
24 | {C6D58D43-481F-456F-90E8-FAC3779E6CC6}.Debug|Any CPU.Build.0 = Debug|Any CPU
25 | {C6D58D43-481F-456F-90E8-FAC3779E6CC6}.Release|Any CPU.ActiveCfg = Release|Any CPU
26 | {C6D58D43-481F-456F-90E8-FAC3779E6CC6}.Release|Any CPU.Build.0 = Release|Any CPU
27 | {C19A98D2-629D-4F4D-87E4-3154416970BA}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
28 | {C19A98D2-629D-4F4D-87E4-3154416970BA}.Debug|Any CPU.Build.0 = Debug|Any CPU
29 | {C19A98D2-629D-4F4D-87E4-3154416970BA}.Release|Any CPU.ActiveCfg = Release|Any CPU
30 | {C19A98D2-629D-4F4D-87E4-3154416970BA}.Release|Any CPU.Build.0 = Release|Any CPU
31 | {7C07A2A2-508E-4BBE-873F-F60F9FB4A9D9}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
32 | {7C07A2A2-508E-4BBE-873F-F60F9FB4A9D9}.Debug|Any CPU.Build.0 = Debug|Any CPU
33 | {7C07A2A2-508E-4BBE-873F-F60F9FB4A9D9}.Release|Any CPU.ActiveCfg = Release|Any CPU
34 | {7C07A2A2-508E-4BBE-873F-F60F9FB4A9D9}.Release|Any CPU.Build.0 = Release|Any CPU
35 | EndGlobalSection
36 | GlobalSection(SolutionProperties) = preSolution
37 | HideSolutionNode = FALSE
38 | EndGlobalSection
39 | GlobalSection(ExtensibilityGlobals) = postSolution
40 | SolutionGuid = {1D8F88F7-47D4-475A-B1AF-713132222341}
41 | EndGlobalSection
42 | EndGlobal
43 |
--------------------------------------------------------------------------------
/AppInspector/html/resources/css/appinspector.css:
--------------------------------------------------------------------------------
/*
 * Stylesheet for the Application Inspector HTML report.
 * Selectors prefixed with #page__ target the individual report pages
 * (overview, profile); the rest adjust the bootstrap navbar and modal.
 */

/* Page-wide defaults */
body {
    background-color: #fcfefd !important;
    font-family: 'Segoe UI',Roboto,Oxygen-Sans,Ubuntu,Cantarell,'Helvetica Neue',sans-serif;
}

a:hover {
    text-decoration: none;
}

/* Navigation bar */
.navbar {
    background-color: #F3F3F3 !important;
}
.navbar-brand:focus, .navbar-brand:hover {
    text-decoration: none !important;
    color: #000 !important;
}

.navbar-lg {
    min-height: 80px;
    border-radius: 0;
    padding-top: 0;
    padding-left: 0;
    padding-right: 0;
    padding-bottom: 5px;
}

.navbar-lg .navbar-brand {
    margin-left: 80px;
    font-size: 24px;
    font-weight: bold;
    color: #000;
}

.navbar-lg .navbar-nav > li {
    margin-left: 15px;
    margin-right: 15px;
    font-size: 0.90em;
}

.navbar-lg .navbar-nav > li > a {
    color: #000;
}

/* File listing modal: widen the dialog beyond the framework default */
#file_listing_modal div.modal-dialog {
    max-width: 70%;
}

/* Report Overview */
div.section {
    margin-top: 15px;
    margin-bottom: 15px;
}

#page__report_overview table tr:first-child td {
    border-top: 0;
}

#page__report_overview table td {
    padding: 0.10rem 0.55rem 0.10rem 0.55rem;
}

#page__report_overview table td:first-child {
    text-align: center;
    color: #888;
}

#page__report_overview table td:nth-child(2) {
    text-align: center;
    font-weight: bold;
}

#page__report_overview table td:nth-child(3) {
    color: #888;
}

/* Report Summary */
/* Title drawn inside the chart arcs (presumably a c3.js chart — confirm) */
.c3-chart-arcs-title {
    font-weight: bold;
}

/* Report Profile */
#page__report_profile div.accordion {
    padding-bottom: 6px;
    border-bottom: 1px solid #0078d4;
}
/* Fixed-width icon cell to the left of each profile row */
#page__report_profile div.grid-1 {
    width: 32px !important;
    display: inline-block;
    text-align: center;
    margin-left: 6px;
    margin-right: 6px;
    color: #7FBA00;
    font-size: 1.4rem;
}

#page__report_profile div.grid-2 {
    font-size: 1.4rem;
}

#page__report_profile table td:nth-child(1) {
    font-weight: normal;
    font-size: 0.9rem;
    vertical-align: middle;
}

/* Links rendered but not actionable (no matching feature in the report) */
#page__report_profile a.disabled {
    color: #ccc;
    cursor: default;
}
110 |
--------------------------------------------------------------------------------
/RulesEngine/Rule.cs:
--------------------------------------------------------------------------------
1 | // Copyright (C) Microsoft. All rights reserved.
2 | // Licensed under the MIT License. See LICENSE.txt in the project root for license information.
3 |
4 | using Newtonsoft.Json;
5 |
6 | namespace RulesEngine
7 | {
/// <summary>
/// Class to hold the Rule: one entry of a rules JSON file, deserialized by
/// Newtonsoft.Json using the property names given in the JsonProperty attributes
/// below. Properties marked JsonIgnore are runtime-only and never come from the file.
/// </summary>
public class Rule
{

    /// <summary>
    /// Creates a rule whose severity is Moderate; a "severity" value in the
    /// rule definition replaces it during deserialization.
    /// </summary>
    public Rule()
    {
        Severity = Severity.Moderate; // default when the definition omits "severity"
    }
    /// <summary>
    /// Name of the source where the rule definition came from.
    /// Typically file, database or other storage.
    /// Runtime-only; not read from or written to the rule JSON.
    /// </summary>
    [JsonIgnore]
    public string Source { get; set; }

    /// <summary>
    /// Optional tag assigned to the rule during runtime
    /// (runtime-only; not part of the rule JSON).
    /// </summary>
    [JsonIgnore]
    public string RuntimeTag { get; set; }

    /// <summary>
    /// Runtime flag to disable the rule (runtime-only; not part of the rule JSON).
    /// </summary>
    [JsonIgnore]
    public bool Disabled { get; set; }

    /// <summary>
    /// Rule identifier ("id"), e.g. "AI005700" in the bundled default rules.
    /// </summary>
    [JsonProperty(PropertyName = "id")]
    public string Id { get; set; }

    /// <summary>
    /// Human-readable rule name ("name").
    /// </summary>
    [JsonProperty(PropertyName = "name")]
    public string Name { get; set; }

    /// <summary>
    /// "overrides" array from the definition. Presumably the ids of other rules
    /// this rule supersedes when both match — confirm against the rule processor.
    /// </summary>
    [JsonProperty(PropertyName = "overrides")]
    public string[] Overrides { get; set; }

    /// <summary>
    /// "schema_version" of the rule definition format.
    /// </summary>
    [JsonProperty(PropertyName = "schema_version")]
    public int SchemaVersion { get; set; }

    /// <summary>
    /// "tags" reported for a match, e.g. "Cryptography.Implementation.SHA1".
    /// </summary>
    [JsonProperty(PropertyName = "tags")]
    public string[] Tags { get; set; }

    /// <summary>
    /// "applies_to": language names the rule is restricted to (e.g. "csharp",
    /// "python"). Several bundled rules use an empty array, apparently meaning
    /// "any language" — confirm against the rule processor.
    /// </summary>
    [JsonProperty(PropertyName = "applies_to")]
    public string[] AppliesTo { get; set; }

    /// <summary>
    /// "severity", parsed by <see cref="SeverityConverter"/> from the string form
    /// used in the rule files ("critical", "important", "moderate", ...).
    /// Defaults to Moderate via the constructor.
    /// </summary>
    [JsonProperty(PropertyName = "severity")]
    [JsonConverter(typeof(SeverityConverter))]
    public Severity Severity { get; set; }

    /// <summary>
    /// "description": longer text describing what a match means.
    /// </summary>
    [JsonProperty(PropertyName = "description")]
    public string Description { get; set; }

    /// <summary>
    /// "recommendation": optional guidance shown with a match.
    /// </summary>
    [JsonProperty(PropertyName = "recommendation")]
    public string Recommendation { get; set; }

    /// <summary>
    /// "rule_info": optional free-form reference text for the rule
    /// (empty in the bundled rules that set it; exact use not visible here).
    /// </summary>
    [JsonProperty(PropertyName = "rule_info")]
    public string RuleInfo { get; set; }

    /// <summary>
    /// "patterns": the search patterns that make the rule match. In the bundled
    /// rules each pattern carries a "type" of string, substring, regex or
    /// regex-word, plus scopes, modifiers and confidence.
    /// NOTE(review): regex-typed pattern text is compiled by the engine, so rule
    /// sources must be trusted input; a rule file is not a safe place for
    /// user-supplied text.
    /// </summary>
    [JsonProperty(PropertyName = "patterns")]
    public SearchPattern[] Patterns { get; set; }

    /// <summary>
    /// "conditions": additional constraints on a match. Not used by any bundled
    /// rule visible here; semantics are defined by <see cref="SearchCondition"/>.
    /// </summary>
    [JsonProperty(PropertyName = "conditions")]
    public SearchCondition[] Conditions { get; set; }

    /// <summary>
    /// "fix_its": optional code fixes associated with the rule.
    /// </summary>
    [JsonProperty(PropertyName = "fix_its")]
    public CodeFix[] Fixes { get; set; }

}
78 |
79 |
80 | }
81 |
--------------------------------------------------------------------------------
/AppInspector/rules/default/cryptography/algorithm_implementation.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Cryptography: Algorithm Implementation",
4 | "id": "AI005700",
5 | "description": "Cryptography: Algorithm Implementation",
6 | "tags": [
7 | "Cryptography.Implementation"
8 | ],
9 | "severity": "important",
10 | "_comment": "Implementing a standard cryptographic algorithm",
11 | "patterns": [
12 | {
13 | "pattern": "5a827999",
14 | "type": "regex-word",
15 | "scopes": [ "code" ],
16 | "confidence": "high",
17 | "modifiers": []
18 | }
19 | ]
20 | },
21 | {
22 | "name": "Cryptography: Algorithm Implementation (SHA1)",
23 | "id": "AI005800",
24 | "description": "Cryptography: Algorithm Implementation (SHA1)",
25 | "tags": [
26 | "Cryptography.Implementation.SHA1"
27 | ],
28 | "severity": "important",
29 | "patterns": [
30 | {
31 | "pattern": "5a827999",
32 | "type": "string",
33 | "scopes": [ "code" ],
34 | "confidence": "high",
35 | "modifiers": [ "i" ]
36 | }
37 | ]
38 | },
39 | {
40 | "name": "Cryptography: Algorithm Implementation (MD5)",
41 | "id": "AI005900",
42 | "description": "Cryptography: Algorithm Implementation (MD5)",
43 | "tags": [
44 | "Cryptography.Implementation.MD5"
45 | ],
46 | "severity": "important",
47 | "patterns": [
48 | {
49 | "pattern": "242070db",
50 | "type": "string",
51 | "scopes": [ "code" ],
52 | "confidence": "high",
53 | "modifiers": [ "i" ]
54 | }
55 | ]
56 | },
57 | {
58 | "name": "Cryptography: Algorithm Implementation (SHA-256)",
59 | "id": "AI006000",
60 | "description": "Cryptography: Algorithm Implementation (SHA-256)",
61 | "tags": [
62 | "Cryptography.Implementation.SHA256"
63 | ],
64 | "severity": "important",
65 | "patterns": [
66 | {
67 | "pattern": "d807aa98",
68 | "type": "string",
69 | "scopes": [ "code" ],
70 | "confidence": "high",
71 | "modifiers": [ "i" ]
72 | }
73 | ]
74 | },
75 | {
76 | "name": "Cryptography: Algorithm Implementation (Keccak)",
77 | "id": "AI006100",
78 | "description": "Cryptography: Algorithm Implementation (Keccak)",
79 | "tags": [
80 | "Cryptography.Implementation.SHA256"
81 | ],
82 | "severity": "important",
83 | "patterns": [
84 | {
85 | "pattern": "800000000000808A",
86 | "type": "string",
87 | "scopes": [ "code" ],
88 | "confidence": "high",
89 | "modifiers": [ "i" ]
90 | }
91 | ]
92 | }
93 | ]
--------------------------------------------------------------------------------
/AppInspector/rules/default/frameworks/PHP.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Detect Frameworks",
4 | "id": "AI023700",
5 | "description": "Detect well-known frameworks used",
6 | "recommendation": "",
7 | "applies_to": [ "php" ],
8 | "tags": [ "Framework.Development.PHP" ],
9 | "severity": "moderate",
10 | "_comment": "",
11 | "rule_info": "",
12 | "patterns": [
13 | {
14 | "pattern": "Laravel",
15 | "type": "regex",
16 | "scopes": [ "code", "comment" ],
17 | "modifiers": [ "i" ],
18 | "confidence": "high",
19 | "_comment": ""
20 | },
21 | {
22 | "pattern": "Symfony",
23 | "type": "regex",
24 | "scopes": [ "code", "comment" ],
25 | "modifiers": [ "i" ],
26 | "confidence": "high",
27 | "_comment": ""
28 | },
29 | {
30 | "pattern": "CodeIgniter",
31 | "type": "regex",
32 | "scopes": [ "code", "comment" ],
33 | "modifiers": [ "i" ],
34 | "confidence": "high",
35 | "_comment": ""
36 | },
37 | {
38 | "pattern": "Zend",
39 | "type": "regex",
40 | "scopes": [ "code", "comment" ],
41 | "modifiers": [ "i" ],
42 | "confidence": "high",
43 | "_comment": ""
44 | },
45 | {
46 | "pattern": "Fuelphp",
47 | "type": "regex",
48 | "scopes": [ "code", "comment" ],
49 | "modifiers": [ "i" ],
50 | "confidence": "high",
51 | "_comment": ""
52 | },
53 | {
54 | "pattern": "Slim",
55 | "type": "regex",
56 | "scopes": [ "code", "comment" ],
57 | "modifiers": [ "i" ],
58 | "confidence": "high",
59 | "_comment": ""
60 | },
61 | {
62 | "pattern": "Phalcon",
63 | "type": "regex",
64 | "scopes": [ "code", "comment" ],
65 | "modifiers": [ "i" ],
66 | "confidence": "high",
67 | "_comment": ""
68 | },
69 | {
70 | "pattern": "Aura",
71 | "type": "regex",
72 | "scopes": [ "code", "comment" ],
73 | "modifiers": [ "i" ],
74 | "confidence": "high",
75 | "_comment": ""
76 | },
77 | {
78 | "pattern": "Yii",
79 | "type": "regex",
80 | "scopes": [ "code", "comment" ],
81 | "modifiers": [ "i" ],
82 | "confidence": "high",
83 | "_comment": ""
84 | },
85 | {
86 | "pattern": "Cakephp",
87 | "type": "regex",
88 | "scopes": [ "code", "comment" ],
89 | "modifiers": [ "i" ],
90 | "confidence": "high",
91 | "_comment": ""
92 | }
93 | ]
94 | }
95 | ]
--------------------------------------------------------------------------------
/.gitattributes:
--------------------------------------------------------------------------------
1 | ###############################################################################
2 | # Set default behavior to automatically normalize line endings.
3 | ###############################################################################
4 | * text=auto
5 |
6 | ###############################################################################
7 | # Set default behavior for command prompt diff.
8 | #
9 | # This is needed for earlier builds of msysgit that do not have it on by
10 | # default for csharp files.
11 | # Note: This is only used by command line
12 | ###############################################################################
13 | #*.cs diff=csharp
14 |
15 | ###############################################################################
16 | # Set the merge driver for project and solution files
17 | #
18 | # Merging from the command prompt will add diff markers to the files if there
19 | # are conflicts (Merging from VS is not affected by the settings below, in VS
20 | # the diff markers are never inserted). Diff markers may cause the following
21 | # file extensions to fail to load in VS. An alternative would be to treat
22 | # these files as binary and thus will always conflict and require user
23 | # intervention with every merge. To do so, just uncomment the entries below
24 | ###############################################################################
25 | #*.sln merge=binary
26 | #*.csproj merge=binary
27 | #*.vbproj merge=binary
28 | #*.vcxproj merge=binary
29 | #*.vcproj merge=binary
30 | #*.dbproj merge=binary
31 | #*.fsproj merge=binary
32 | #*.lsproj merge=binary
33 | #*.wixproj merge=binary
34 | #*.modelproj merge=binary
35 | #*.sqlproj merge=binary
36 | #*.wwaproj merge=binary
37 |
38 | ###############################################################################
39 | # behavior for image files
40 | #
41 | # image files are treated as binary by default.
42 | ###############################################################################
43 | #*.jpg binary
44 | #*.png binary
45 | #*.gif binary
46 |
47 | ###############################################################################
48 | # diff behavior for common document formats
49 | #
50 | # Convert binary document formats to text before diffing them. This feature
51 | # is only available from the command line. Turn it on by uncommenting the
52 | # entries below.
53 | ###############################################################################
54 | #*.doc diff=astextplain
55 | #*.DOC diff=astextplain
56 | #*.docx diff=astextplain
57 | #*.DOCX diff=astextplain
58 | #*.dot diff=astextplain
59 | #*.DOT diff=astextplain
60 | #*.pdf diff=astextplain
61 | #*.PDF diff=astextplain
62 | #*.rtf diff=astextplain
63 | #*.RTF diff=astextplain
64 |
--------------------------------------------------------------------------------
/SECURITY.md:
--------------------------------------------------------------------------------
1 | ## Security
2 |
3 | Microsoft takes the security of our software products and services seriously, which includes all source code repositories managed through our GitHub organizations, which include [Microsoft](https://github.com/Microsoft), [Azure](https://github.com/Azure), [DotNet](https://github.com/dotnet), [AspNet](https://github.com/aspnet), [Xamarin](https://github.com/xamarin), and [many more](https://opensource.microsoft.com/).
4 |
5 | If you believe you have found a security vulnerability in any Microsoft-owned repository that meets Microsoft's [definition](https://docs.microsoft.com/en-us/previous-versions/tn-archive/cc751383(v=technet.10)) of a security vulnerability, please report it to us as described below.
6 |
7 | ## Reporting Security Issues
8 |
9 | **Please do not report security vulnerabilities through public GitHub issues.**
10 |
11 | Instead, please report them to the Microsoft Security Response Center (MSRC) at [https://msrc.microsoft.com/create-report](https://msrc.microsoft.com/create-report).
12 |
13 | If you prefer to submit without logging in, send email to [secure@microsoft.com](mailto:secure@microsoft.com). If possible, encrypt your message with our PGP key; please download it from the [Microsoft Security Response Center PGP Key page](https://www.microsoft.com/en-us/msrc/pgp-key-msrc).
14 |
15 | You should receive a response within 24 hours. If for some reason you do not, please follow up via email to ensure we received your original message. Additional information can be found at [microsoft.com/msrc](https://www.microsoft.com/msrc).
16 |
17 | Please include the requested information listed below (as much as you can provide) to help us better understand the nature and scope of the possible issue:
18 |
19 | * Type of issue (e.g. buffer overflow, SQL injection, cross-site scripting, etc.)
20 | * Full paths of source file(s) related to the manifestation of the issue
21 | * The location of the affected source code (tag/branch/commit or direct URL)
22 | * Any special configuration required to reproduce the issue
23 | * Step-by-step instructions to reproduce the issue
24 | * Proof-of-concept or exploit code (if possible)
25 | * Impact of the issue, including how an attacker might exploit the issue
26 |
27 | This information will help us triage your report more quickly.
28 |
29 | If you are reporting for a bug bounty, more complete reports can contribute to a higher bounty award. Please visit our [Microsoft Bug Bounty Program](https://microsoft.com/msrc/bounty) page for more details about our active programs.
30 |
31 | ## Preferred Languages
32 |
33 | We prefer all communications to be in English.
34 |
35 | ## Policy
36 |
37 | Microsoft follows the principle of [Coordinated Vulnerability Disclosure](https://www.microsoft.com/en-us/msrc/cvd).
38 |
--------------------------------------------------------------------------------
/AppInspector/rules/default/cloud_services/socialmedia.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Social Media: Facebook",
4 | "id": "AI003700",
5 | "description": "Social Media Facebook",
6 | "tags": [
7 | "CloudServices.SocialMedia.Facebook"
8 | ],
9 | "severity": "moderate",
10 | "patterns": [
11 | {
12 | "pattern": "facebook",
13 | "type": "string",
14 | "scopes": [ "code", "comment" ],
15 | "modifiers": [ "i" ],
16 | "confidence": "high"
17 | }
18 | ]
19 | },
20 | {
21 | "name": "Social Media: Twitter",
22 | "id": "AI003800",
23 | "description": "Social Media (Twitter)",
24 | "tags": [
25 | "CloudServices.SocialMedia.Twitter"
26 | ],
27 | "severity": "moderate",
28 | "patterns": [
29 | {
30 | "pattern": "twitter",
31 | "type": "string",
32 | "scopes": [ "code", "comment" ],
33 | "modifiers": [ "i" ],
34 | "confidence": "high"
35 | }
36 | ]
37 | },
38 | {
39 | "name": "Social Media: YouTube",
40 | "id": "AI003900",
41 | "description": "Social Media (YouTube)",
42 | "tags": [
43 | "CloudServices.SocialMedia.YouTube"
44 | ],
45 | "severity": "moderate",
46 | "patterns": [
47 | {
48 | "pattern": "youtube",
49 | "type": "string",
50 | "scopes": [ "code", "comment" ],
51 | "modifiers": [ "i" ],
52 | "confidence": "high"
53 | }
54 | ]
55 | },
56 | {
57 | "name": "Social Media: Instagram",
58 | "id": "AI004000",
59 | "description": "Social Media: Instagram",
60 | "tags": [
61 | "CloudServices.SocialMedia.Instagram"
62 | ],
63 | "severity": "moderate",
64 | "patterns": [
65 | {
66 | "pattern": "instagram",
67 | "type": "string",
68 | "scopes": [ "code", "comment" ],
69 | "modifiers": [ "i" ],
70 | "confidence": "high"
71 | }
72 | ]
73 | },
74 | {
75 | "name": "Social Media: Misc",
76 | "id": "AI004100",
77 | "description": "Social Media: Misc",
78 | "tags": [
79 | "CloudServices.SocialMedia.Misc"
80 | ],
81 | "severity": "moderate",
82 | "patterns": [
83 | {
84 | "pattern": "reddit|snapchat|whatsapp|tumblr|qzone|weibo|pinterest|ask\\.fm|flickr|linkedin|odnoklassniki|meetup",
85 | "type": "regex",
86 | "scopes": [ "code", "comment" ],
87 | "modifiers": [ "i" ],
88 | "confidence": "high"
89 | },
90 | {
91 | "pattern": "discord|diaspora|sociall\\.io|mastodon",
92 | "type": "regex",
93 | "scopes": [ "code", "comment" ],
94 | "modifiers": [ "i" ],
95 | "confidence": "high"
96 | }
97 | ]
98 | }
99 | ]
100 |
--------------------------------------------------------------------------------
/AppInspector/rules/default/os/setenv.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "OS: Environment Variable (Write)",
4 | "id": "AI037500",
5 | "description": "OS: Environment Variable (Write)",
6 | "applies_to": [
7 | ],
8 | "tags": [
9 | "OS.Environment.Write"
10 | ],
11 | "severity": "moderate",
12 | "_comment": "",
13 | "patterns": [
14 | {
15 | "pattern": "setenv|putenv",
16 | "type": "regex-word",
17 | "scopes": [
18 | "code"
19 | ],
20 | "_comment": ""
21 | }
22 | ]
23 | },
24 | {
25 | "name": "OS: Environment Variable",
26 | "id": "AI037600",
27 | "description": "OS: Environment Variable",
28 | "applies_to": [
29 | ],
30 | "tags": [
31 | "OS.Environment.Windows.RegistryLocation"
32 | ],
33 | "severity": "moderate",
34 | "_comment": "Windows Registry location for environment variables",
35 | "patterns": [
36 | {
37 | "pattern": "System\\CurrentControlSet\\Control\\Session Manager\\Environment",
38 | "type": "substring",
39 | "scopes": [
40 | "code"
41 | ],
42 | "_comment": ""
43 | }
44 | ]
45 | },
46 | {
47 | "name": "OS: Environment Variable (Write)",
48 | "id": "AI037700",
49 | "description": "OS: Environment Variable (Write)",
50 | "applies_to": [
51 | "python"
52 | ],
53 | "tags": [
54 | "OS.Environment.Write"
55 | ],
56 | "severity": "moderate",
57 | "patterns": [
58 | {
59 | "pattern": "\\bos\\.environ.+=",
60 | "type": "regex",
61 | "scopes": [
62 | "code"
63 | ],
64 | "_comment": ""
65 | }
66 | ]
67 | },
68 | {
69 | "name": "OS: Environment Variable (Write)",
70 | "id": "AI037800",
71 | "description": "OS: Environment Variable (Write)",
72 | "applies_to": [
73 | "csharp"
74 | ],
75 | "tags": [
76 | "OS.Environment.Write"
77 | ],
78 | "severity": "moderate",
79 | "_comment": "",
80 | "patterns": [
81 | {
82 | "pattern": "SetEnvironmentVariable",
83 | "type": "string",
84 | "scopes": [
85 | "code"
86 | ],
87 | "_comment": ""
88 | }
89 | ]
90 | },
91 | {
92 | "name": "OS: Environment Variable (Write)",
93 | "id": "AI037900",
94 | "description": "OS: Environment Variable (Write)",
95 | "applies_to": [
96 | "powershell"
97 | ],
98 | "tags": [
99 | "OS.Environment.Write"
100 | ],
101 | "severity": "moderate",
102 | "_comment": "",
103 | "patterns": [
104 | {
105 | "pattern": "\\$env:.+=",
106 | "type": "regex",
107 | "scopes": [
108 | "code"
109 | ],
110 | "_comment": ""
111 | }
112 | ]
113 | }
114 | ]
--------------------------------------------------------------------------------
/AppInspector/rules/default/data_types/secrets.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Data: Access Credentials",
4 | "id": "AI015800",
5 | "description": "Data: Access Credentials",
6 | "tags": [
7 | "Data.Sensitive.Credentials"
8 | ],
9 | "severity": "critical",
10 | "patterns": [
11 | {
12 | "pattern": "username|userid|passphrase|secret|password|credential|credentials|access_token",
13 | "type": "regex-word",
14 | "scopes": [
15 | "code"
16 | ],
17 | "confidence": "high",
18 | "modifiers": [ "i" ]
19 | },
20 | {
21 | "pattern": "\\.htpasswd|secret_key|private_key|authorized_keys|npmrc|\\.ssh",
22 | "type": "regex-word",
23 | "scopes": [
24 | "code"
25 | ],
26 | "confidence": "high",
27 | "modifiers": [ "i" ]
28 | },
29 | {
30 | "pattern": "auth_token|access_token|password|passwrd|client_credentials|client_*id|client_*secret",
31 | "type": "regex-word",
32 | "scopes": [ "code" ],
33 | "modifiers": [ "i" ],
34 | "confidence": "high"
35 | }
36 | ]
37 | },
38 | {
39 | "name": "Data: Embedded Secret",
40 | "id": "AI015900",
41 | "description": "Data: Embedded Secret",
42 | "tags": [
43 | "Data.Sensitive.Secret"
44 | ],
45 | "severity": "critical",
46 | "patterns": [
47 | {
48 | "pattern": "(secret|pass).*[a-f0-9]{30,}",
49 | "type": "regex",
50 | "scopes": [
51 | "code"
52 | ],
53 | "modifiers": [ "i" ],
54 | "confidence": "low"
55 | },
56 | {
57 | "pattern": "[\"'][a-f0-9]{30,}[\"']",
58 | "type": "regex",
59 | "scopes": [
60 | "code"
61 | ],
62 | "modifiers": [ "i" ],
63 | "confidence": "low"
64 | }
65 | ]
66 | },
67 | {
68 | "name": "Data: Secret",
69 | "id": "AI016000",
70 | "description": "Data: Secret",
71 | "tags": [
72 | "Data.Sensitive.Secret"
73 | ],
74 | "severity": "important",
75 | "patterns": [
76 | {
77 | "pattern": "(strictly|highly) confidential",
78 | "type": "regex",
79 | "scopes": [ "code", "comment" ],
80 | "modifiers": [ "i" ],
81 | "_comment": ""
82 | },
83 | {
84 | "pattern": "secret",
85 | "type": "string",
86 | "scopes": [ "code", "comment" ],
87 | "modifiers": [ "i" ]
88 | }
89 | ]
90 | },
91 | {
92 | "name": "Data: Product Key",
93 | "id": "AI016100",
94 | "description": "Data: Product Key",
95 | "tags": [
96 | "Data.Sensitive.ProductKey"
97 | ],
98 | "severity": "critical",
99 | "patterns": [
100 | {
101 | "pattern": "product[ ]*key",
102 | "type": "regex",
103 | "scopes": [ "code", "comment" ],
104 | "modifiers": [ "i" ],
105 | "_comment": ""
106 | }
107 | ]
108 | }
109 | ]
--------------------------------------------------------------------------------
/AppInspector/rules/default/cryptography/random.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Cryptography: PRNG",
4 | "id": "AI010000",
5 | "description": "Cryptography: PRNG",
6 | "tags": [
7 | "Cryptography.Randomness.PRNG"
8 | ],
9 | "applies_to": [
10 | "c",
11 | "cpp"
12 | ],
13 | "severity": "critical",
14 | "patterns": [
15 | {
16 | "pattern": "DUAL_EC_DRBG",
17 | "type": "string",
18 | "scopes": [
19 | "code"
20 | ],
21 | "confidence": "high",
22 | "_comment": ""
23 | },
24 | {
25 | "pattern": "pseudoRandomBytes",
26 | "type": "string",
27 | "scopes": [
28 | "code"
29 | ],
30 | "confidence": "high",
31 | "_comment": ""
32 | },
33 | {
34 | "pattern": "rand|srand",
35 | "type": "regex-word",
36 | "scopes": [
37 | "code"
38 | ],
39 | "confidence": "low",
40 | "_comment": ""
41 | }
42 | ]
43 | },
44 | {
45 | "name": "Cryptography: PRNG",
46 | "id": "AI010100",
47 | "description": "Cryptography: PRNG",
48 | "tags": [
49 | "Cryptography.Randomness.PRNG"
50 | ],
51 | "applies_to": [
52 | "javascript"
53 | ],
54 | "severity": "critical",
55 | "patterns": [
56 | {
57 | "pattern": "(pseudo)?randombytes",
58 | "type": "string",
59 | "scopes": [
60 | "code"
61 | ],
62 | "modifiers": [ "i" ],
63 | "confidence": "high"
64 | }
65 | ]
66 | },
67 | {
68 | "name": "Cryptography: PRNG",
69 | "id": "AI010200",
70 | "description": "Cryptography: PRNG",
71 | "tags": [
72 | "Cryptography.Randomness.PRNG"
73 | ],
74 | "applies_to": [
75 | "java"
76 | ],
77 | "severity": "critical",
78 | "patterns": [
79 | {
80 | "pattern": "SecureRandom",
81 | "type": "string",
82 | "scopes": [
83 | "code"
84 | ],
85 | "confidence": "high"
86 | }
87 | ]
88 | },
89 | {
91 | "name": "Cryptography: PRNG",
91 | "id": "AI010300",
93 | "description": "Cryptography: PRNG",
93 | "tags": [
94 | "Cryptography.Randomness.PRNG"
95 | ],
96 | "applies_to": [
97 | "csharp"
98 | ],
99 | "severity": "critical",
100 | "patterns": [
101 | {
102 | "pattern": "RandomNumberGenerator",
103 | "type": "string",
104 | "scopes": [
105 | "code"
106 | ],
107 | "confidence": "high"
108 | }
109 | ]
110 | },
111 | {
112 | "name": "Cryptography: PRNG",
113 | "id": "AI010400",
114 | "description": "Cryptography: PRNG",
115 | "tags": [
116 | "Cryptography.Randomness.PRNG"
117 | ],
118 | "severity": "critical",
119 | "patterns": [
120 | {
121 | "pattern": "random",
122 | "type": "string",
123 | "scopes": [
124 | "code"
125 | ],
126 | "confidence": "low"
127 | }
128 | ]
129 | }
130 | ]
131 |
--------------------------------------------------------------------------------
/AppInspector/ErrorMessage.cs:
--------------------------------------------------------------------------------
1 | // Copyright (C) Microsoft. All rights reserved.
2 | // Licensed under the MIT License. See LICENSE.txt in the project root for license information.
3 |
4 |
5 | using System;
6 | using ApplicationInspector.Properties;
7 |
8 | namespace Microsoft.AppInspector
9 | {
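public static class ErrMsg
{
    /// <summary>
    /// Maps enum values to resource strings so that every message key is checked
    /// at compile time. The enum member name is used verbatim as the resource
    /// name looked up in <see cref="Resources.ResourceManager"/>, so member
    /// names must match the resource file exactly.
    /// </summary>
    public enum ID
    {
        ANALYZE_COMPRESSED_FILETYPE,
        ANALYZE_FILES_PROCESSED_PCNT,
        ANALYZE_NOPATTERNS,
        ANALYZE_NOSUPPORTED_FILETYPES,
        ANALYZE_UNCOMPRESSED_FILETYPE,
        ANALYZE_UNSUPPORTED_COMPR_TYPE,
        ANALYZE_FILESIZE_SKIPPED,
        ANALYZE_COMPRESSED_FILESIZE_WARN,
        ANALYZE_COMPRESSED_PROCESSING,
        ANALYZE_COMPRESSED_ERROR,
        ANALYZE_OUTPUT_FILE,
        ANALYZE_REPORTSIZE_WARN,
        CMD_PREPARING_REPORT,
        CMD_COMPLETED,
        CMD_CRITICAL_FILE_ERR,
        CMD_INVALID_ARG_VALUE,
        CMD_INVALID_FILE_OR_DIR,
        CMD_REPORT_DONE,
        CMD_REQUIRED_ARG_MISSING,
        CMD_RUNNING,
        CMD_INVALID_RULE_PATH,
        CMD_NORULES_SPECIFIED,
        TAGDIFF_NO_TAGS_FOUND,
        TAGDIFF_RESULTS_DIFFER,
        TAGDIFF_RESULTS_GAP,
        TAGDIFF_RESULTS_TEST_TYPE,
        TAGDIFF_SAME_FILE_ARG,
        // Spelling (three S) is the resource name; renaming it here alone
        // would break the lookup.
        TAGDIFF_RESULTS_SUCCESSS,
        TAGDIFF_RESULTS_FAIL,
        TAGTEST_RESULTS_NONE,
        TAGTEST_RESULTS_TAGS_FOUND,
        TAGTEST_RESULTS_TAGS_MISSING,
        TAGTEST_RESULTS_TEST_TYPE,
        TAGTEST_RESULTS_SUCCESS,
        TAGTEST_RESULTS_FAIL,
        VERIFY_RULE_FAILED,
        VERIFY_RULES_RESULTS_FAIL,
        VERIFY_RULES_RESULTS_SUCCESS,
        RUNTIME_ERROR_NAMED,
        RUNTIME_ERROR_UNNAMED,
        RUNTIME_ERROR_PRELOG,
        BROWSER_ENVIRONMENT_VAR,
        BROWSER_START_FAIL,
        BROWSER_START_SUCCESS
    }

    /// <summary>
    /// Returns the resource string whose name is the enum member name of <paramref name="id"/>.
    /// </summary>
    /// <param name="id">Message identifier; its name is the resource key.</param>
    /// <returns>The resource string; never null.</returns>
    /// <exception cref="Exception">
    /// Thrown when the lookup fails or the resource does not exist. A lookup
    /// exception is preserved as <see cref="Exception.InnerException"/>.
    /// </exception>
    public static string GetString(ErrMsg.ID id)
    {
        string result;
        try
        {
            result = Resources.ResourceManager.GetString(id.ToString());
        }
        catch (Exception e)
        {
            // Keep the original exception as InnerException rather than
            // flattening its message and stack trace into the text.
            throw new Exception(string.Format("Unable to locate requested string resource {0}", id), e);
        }

        // ResourceManager.GetString returns null for an unknown name instead of
        // throwing, so the missing-resource case was never reported by the
        // catch above; without this check FormatString fails later with a
        // less informative ArgumentNullException from String.Format.
        if (result == null)
        {
            throw new Exception(string.Format("Unable to locate requested string resource {0}", id));
        }

        return result;
    }

    /// <summary>
    /// Formats the resource string for <paramref name="id"/> with <paramref name="parameters"/>
    /// using <see cref="String.Format(string, object[])"/>.
    /// </summary>
    /// <param name="id">Message identifier.</param>
    /// <param name="parameters">Format arguments for the resource string's placeholders.</param>
    /// <returns>The formatted message.</returns>
    public static string FormatString(ErrMsg.ID id, params object[] parameters)
    {
        return String.Format(GetString(id), parameters);
    }

    /// <summary>
    /// Convenience overload for the common single-integer argument.
    /// </summary>
    /// <param name="id">Message identifier.</param>
    /// <param name="value">Value substituted for placeholder {0}.</param>
    /// <returns>The formatted message.</returns>
    public static string FormatString(ErrMsg.ID id, int value)
    {
        return String.Format(GetString(id), value);
    }

}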
92 | }
93 |
--------------------------------------------------------------------------------
/AppInspector/rules/default/data_types/media.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Data: Audio File",
4 | "id": "AI015600",
5 | "description": "Data: Audio File",
6 | "tags": [
7 | "Data.Media.Audio"
8 | ],
9 | "severity": "moderate",
10 | "patterns": [
11 | {
12 | "pattern": "\\.(wma|wmv|asf|vp9|cr2|wav|mpeg|gsm|ogg|au|aiff|vox|aac|msv|dvf|flac|aifc|amz|atrac|m4a|m4p)",
13 | "type": "regex-word",
14 | "scopes": [
15 | "code",
16 | "comment"
17 | ],
18 | "modifiers": [ "i" ],
19 | "confidence": "high",
20 | "_comment": ""
21 | },
22 | {
23 | "pattern": "\\.(mp2|mp3|mp4|mpa|ra|rax|raw|smf|snd|sng|swa|hma|aac|ac3|eac3|Vorbis|pcm)",
24 | "type": "regex-word",
25 | "scopes": [
26 | "code",
27 | "comment"
28 | ],
29 | "modifiers": [ "i" ],
30 | "confidence": "high",
31 | "_comment": ""
32 | },
33 | {
34 | "pattern": "wma|wmv|asf|vp9|cr2|wav|mpeg|gsm|ogg|au|aiff|vox|aac|msv|dvf|flac|aifc|amz|atrac|m4a|m4p",
35 | "type": "regex-word",
36 | "scopes": [
37 | "code",
38 | "comment"
39 | ],
40 | "modifiers": [ "i" ],
41 | "confidence": "medium",
42 | "_comment": ""
43 | },
44 | {
45 | "pattern": "mp2|mp3|mp4|mpa|ra|rax|snd|sng|swa|hma|aac|ac3|eac3|Vorbis|pcm",
46 | "type": "regex-word",
47 | "scopes": [
48 | "code",
49 | "comment"
50 | ],
51 | "modifiers": [ "i" ],
52 | "confidence": "medium",
53 | "_comment": ""
54 | }
55 | ]
56 | },
57 | {
58 | "name": "Data: Video File",
59 | "id": "AI015700",
60 | "description": "Data: Video File",
61 | "tags": [
62 | "Data.Media.Video"
63 | ],
64 | "severity": "moderate",
65 | "patterns": [
66 | {
67 | "pattern": "\\.(avi|flv|mov|wmv|mp4|vob|hdv|ogg|oga|ogv|ogx)",
68 | "type": "regex-word",
69 | "scopes": [
70 | "code",
71 | "comment"
72 | ],
73 | "modifiers": [ "i" ],
74 | "confidence": "high",
75 | "_comment": ""
76 | },
77 | {
78 | "pattern": "\\.(mp4|m4v|f4v|f4a|m4b|m4r|f4b|mxf|op1a|op-atom)",
79 | "type": "regex-word",
80 | "scopes": [
81 | "code",
82 | "comment"
83 | ],
84 | "modifiers": [ "i" ],
85 | "confidence": "high",
86 | "_comment": ""
87 | },
88 | {
89 | "pattern": "avi|flv|mov|wmv|mp4|vob|hdv|ogg|oga|ogv|ogx",
90 | "type": "regex-word",
91 | "scopes": [
92 | "code",
93 | "comment"
94 | ],
95 | "modifiers": [ "i" ],
96 | "confidence": "medium",
97 | "_comment": ""
98 | },
99 | {
100 | "pattern": "mp4|m4v|f4v|f4a|m4b|m4r|f4b|mxf|op1a|op-atom",
101 | "type": "regex-word",
102 | "scopes": [
103 | "code",
104 | "comment"
105 | ],
106 | "modifiers": [ "i" ],
107 | "confidence": "medium",
108 | "_comment": ""
109 | }
110 | ]
111 | }
112 | ]
--------------------------------------------------------------------------------
/AppInspector/rules/default/frameworks/logging.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Framework: Logging (Log4J)",
4 | "id": "AI021700",
5 | "description": "Framework: Logging (Log4J)",
6 | "applies_to": [
7 | "java"
8 | ],
9 | "tags": [
10 | "Framework.Development.Logging.Log4j"
11 | ],
12 | "severity": "moderate",
13 | "patterns": [
14 | {
15 | "pattern": "log4j",
16 | "type": "string",
17 | "scopes": [ "code" ],
18 | "confidence": "high",
19 | "_comment": ""
20 | }
21 | ]
22 | },
23 | {
24 | "name": "Framework: Logging (NLog)",
25 | "id": "AI021800",
26 | "description": "Framework: Logging (NLog)",
27 | "applies_to": [
28 | "csharp"
29 | ],
30 | "tags": [
31 | "Framework.Development.Logging.NLog"
32 | ],
33 | "severity": "moderate",
34 | "patterns": [
35 | {
36 | "pattern": "nlog",
37 | "type": "string",
38 | "scopes": [ "code" ],
39 | "confidence": "high",
40 | "_comment": ""
41 | }
42 | ]
43 | },
44 | {
45 | "name": "Framework: Logging (Serilog)",
46 | "id": "AI021900",
47 | "description": "Framework: Logging (Serilog)",
48 | "applies_to": [
49 | "csharp"
50 | ],
51 | "tags": [
52 | "Framework.Development.Logging.Serilog"
53 | ],
54 | "severity": "moderate",
55 | "patterns": [
56 | {
57 | "pattern": "serilog",
58 | "type": "string",
59 | "scopes": [ "code" ],
60 | "confidence": "high",
61 | "_comment": ""
62 | }
63 | ]
64 | },
65 | {
66 | "name": "Framework: Logging (log4net)",
67 | "id": "AI022000",
68 | "description": "Framework: Logging (log4net)",
69 | "applies_to": [
70 | "csharp"
71 | ],
72 | "tags": [
73 | "Framework.Development.Logging.Log4Net"
74 | ],
75 | "severity": "moderate",
76 | "patterns": [
77 | {
78 | "pattern": "log4net",
79 | "type": "string",
80 | "scopes": [ "code" ],
81 | "confidence": "high",
82 | "_comment": ""
83 | }
84 | ]
85 | },
86 | {
87 | "name": "Framework: Logging (ulog)",
88 | "id": "AI022100",
89 | "description": "Framework: Logging (ulog)",
90 | "applies_to": [
91 | "csharp"
92 | ],
93 | "tags": [
94 | "Framework.Development.Logging.ULog"
95 | ],
96 | "severity": "moderate",
97 | "patterns": [
98 | {
99 | "pattern": "ulog",
100 | "type": "string",
101 | "scopes": [ "code" ],
102 | "confidence": "high",
103 | "_comment": ""
104 | }
105 | ]
106 | },
107 | {
108 | "name": "Framework: Logging (Winston)",
109 | "id": "AI022200",
110 | "description": "Framework: Logging (Winston)",
111 | "applies_to": [
28 | "javascript"
113 | ],
114 | "tags": [
115 | "Framework.Development.Logging.Winston"
116 | ],
117 | "severity": "moderate",
118 | "patterns": [
119 | {
120 | "pattern": "winston",
121 | "type": "string",
122 | "scopes": [ "code" ],
123 | "confidence": "high",
124 | "_comment": ""
125 | }
126 | ]
127 | }
128 | ]
--------------------------------------------------------------------------------
/AppInspector/html/partials/_report_overview.liquid:
--------------------------------------------------------------------------------
1 |
2 |
Application Inspector Report
3 |
4 | Overview
5 | Welcome to the Microsoft Application Inspector Report.
6 | This report represents the analysis results for the specified source code. It contains
7 | features identified from a large variety of common characteristics including security
8 | and privacy characteristics, and other attributes to answer the question 'What is in the code?'.
9 | The tool can help validate purported component objectives using identifying patterns
10 | as well as detect feature changes between software component versions and even be used in automation scenarios.
11 |
12 |
13 |
14 |
Why it's different
15 | Knowing what is in your software is the first step to making informed choices about
16 | what actions are appropriate before allowing it to be included as part of your application in
17 | customer environments. Unlike a typical source code static analyzer,
18 | Application Inspector is judgement free, focusing instead on helping inform security
19 | and other scenarios by surfacing details that might otherwise go unnoticed.
20 |
21 |
22 |
23 |
Application Inspector Functions
24 |
25 |
26 |
27 | Analyze
28 | Scan source files for characteristics
29 |
30 |
31 |
32 | Tag Diff
33 | Compare identified tags (features) between source versions or components
34 |
35 |
36 |
37 |
38 |
39 | Tag Test
40 | Test source files for the presence of specific tag identifiers
41 |
42 |
43 |
44 | Tags
45 | Export Tags
46 |
47 |
48 |
49 | Verify
50 | Verify rules structure
51 |
52 |
53 |
54 |
55 |
56 |
Report Contents
57 | Features are identified as "tags" found in the rule definitions, which are customizable JSON files found under the 'rules' folder. Many characteristics are simply reported as
58 | "meta-data": these are not features in the code per se but other attributes about the source that were detected, and they can be found in the Summary section.
59 |
60 |
61 |
64 |
65 |
66 |
67 | For more information, please visit our GitHub page to review
68 | the Application Inspector user guide, documentation, and source code.
69 |
70 |
--------------------------------------------------------------------------------
/AppInspector/html/index.html:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 |
6 |
7 |
8 |
9 |
10 |
11 | {{ application_version }}
12 |
13 |
14 |
15 |
16 |
17 | Application Inspector
18 |
19 |
34 |
35 |
36 |
37 |
38 |
39 |
40 | {% include "report_overview" %}
41 |
42 |
43 | {% include "report_summary" %}
44 |
45 |
46 | {% include "report_profile" %}
47 |
48 |
49 |
50 |
51 |
52 | {% include "file_listing" %}
53 |
54 |
55 |
56 |
57 |
58 |
59 |
60 |
61 |
62 |
63 |
64 |
67 |
68 |
--------------------------------------------------------------------------------
/AppInspector/rules/default/cryptography/hash_algorithm.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Cryptography: Hash Algorithm (SHA-256)",
4 | "id": "AI008700",
5 | "description": "Cryptography: Hash Algorithm Usage (SHA-256)",
6 | "tags": [
7 | "Cryptography.HashAlgorithm.SHA2"
8 | ],
9 | "severity": "moderate",
10 | "patterns": [
11 | {
12 | "pattern": "SHA-*(2|224|256|384|512)",
13 | "type": "regex",
14 | "scopes": [
15 | "code"
16 | ],
17 | "modifiers": [ "i" ],
18 | "confidence": "high"
19 | }
20 | ]
21 | },
22 | {
23 | "name": "Cryptography: Hash Algorithm (Legacy)",
24 | "id": "AI008800",
25 | "description": "Cryptography: Hash Algorithm (Legacy - MD2/MD4/MD5/SHA-0/SHA-1; cryptographically weak, not collision resistant)",
26 | "tags": [
27 | "Cryptography.HashAlgorithm.Legacy"
28 | ],
29 | "severity": "moderate",
30 | "patterns": [
31 | {
32 | "pattern": "MD2|MD4|MD5|SHA-*(0|1)",
33 | "type": "regex-word",
34 | "scopes": [
35 | "code",
36 | "comment"
37 | ],
38 | "modifiers": [ "i" ],
39 | "confidence": "high"
40 | }
41 | ]
42 | },
43 | {
44 | "name": "Cryptography: Hash Algorithm (SHA-3)",
45 | "id": "AI008900",
46 | "description": "Cryptography: Hash Algorithm Usage (SHA-3)",
47 | "tags": [
48 | "Cryptography.HashAlgorithm.SHA3"
49 | ],
50 | "severity": "moderate",
51 | "patterns": [
52 | {
53 | "pattern": "SHA-*3|Keccak",
54 | "type": "regex",
55 | "scopes": [
56 | "code"
57 | ],
58 | "modifiers": [ "i" ],
59 | "confidence": "high"
60 | }
61 | ]
62 | },
63 | {
64 | "name": "Cryptography: Hash Algorithm (Misc)",
65 | "id": "AI009000",
66 | "description": "Cryptography: Hash Algorithm (Misc)",
67 | "tags": [
68 | "Cryptography.HashAlgorithm.Misc"
69 | ],
70 | "severity": "moderate",
71 | "patterns": [
72 | {
73 | "pattern": "RIPEMD|Blowfish|Twofish|Threefish|Serpent|HMAC|KeyedHashAlgorithm",
74 | "type": "regex",
75 | "scopes": [
76 | "code",
77 | "comment"
78 | ],
79 | "modifiers": [ "i" ],
80 | "confidence": "high"
81 | }
82 | ]
83 | },
84 | {
85 | "name": "Cryptography: Hash Algorithm",
86 | "id": "AI009100",
87 | "description": "Cryptography: Hash Algorithm Usage",
88 | "tags": [
89 | "Cryptography.HashAlgorithm.Other"
90 | ],
91 | "severity": "moderate",
92 | "patterns": [
93 | {
94 | "pattern": "HashAlgorithm|MessageDigest|DigestUtils",
95 | "type": "regex",
96 | "scopes": [
97 | "code"
98 | ],
99 | "modifiers": [ "i" ],
100 | "confidence": "high"
101 | }
102 | ]
103 | },
104 | {
105 | "name": "Cryptography: Hash Algorithm (General)",
106 | "id": "AI009200",
107 | "description": "Cryptography: Hash Algorithm (General)",
108 | "tags": [
109 | "Cryptography.HashAlgorithm.General"
110 | ],
111 | "severity": "moderate",
112 | "patterns": [
113 | {
114 | "pattern": "hash",
115 | "type": "regex",
116 | "scopes": [
117 | "code",
118 | "comment"
119 | ],
120 | "modifiers": [ "i" ],
121 | "confidence": "medium"
122 | }
123 | ]
124 | }
125 | ]
--------------------------------------------------------------------------------
/AppInspector/rules/default/cloud_services/web_analytics.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Miscellaneous: Analytics Service",
4 | "id": "AI004200",
5 | "description": "Miscellaneous: Analytics Service",
6 | "tags": [
7 | "CloudServices.Web.Analytics.Facebook"
8 | ],
9 | "severity": "moderate",
10 | "patterns": [
11 | {
12 | "pattern": "analytics|tracker|tracking|tracking cookie|pixel url|tracking script",
13 | "type": "regex-word",
14 | "scopes": [ "code", "comment" ],
15 | "modifiers": [ "i" ],
16 | "confidence": "low"
17 | }
18 | ]
19 | },
20 | {
21 | "name": "Miscellaneous: Analytics Service (Facebook)",
22 | "id": "AI004300",
23 | "description": "Miscellaneous: Analytics Service (Facebook)",
24 | "tags": [
25 | "CloudServices.Web.Analytics.Facebook"
26 | ],
27 | "severity": "moderate",
28 | "patterns": [
29 | {
30 | "pattern": "connect.facebook.net",
31 | "type": "string",
32 | "scopes": [ "code" ],
33 | "modifiers": []
34 | }
35 | ]
36 | },
37 | {
38 | "name": "Miscellaneous: Analytics Service (Google GTag)",
39 | "id": "AI004400",
40 | "description": "Miscellaneous: Analytics Service (Google GTag)",
41 | "tags": [
42 | "CloudServices.Web.Analytics.Google.GTag"
43 | ],
44 | "severity": "moderate",
45 | "patterns": [
46 | {
47 | "pattern": "googletagmanager.com",
48 | "type": "string",
49 | "scopes": [ "code" ],
50 | "modifiers": []
51 | }
52 | ]
53 | },
54 | {
55 | "name": "Miscellaneous: Analytics Service (Bing)",
56 | "id": "AI004500",
57 | "description": "Miscellaneous: Analytics Service (Bing)",
58 | "tags": [
59 | "CloudServices.Web.Analytics.Microsoft.Bing"
60 | ],
61 | "severity": "moderate",
62 | "patterns": [
63 | {
64 | "pattern": "bat.bing.com",
65 | "type": "string",
66 | "scopes": [ "code" ],
67 | "modifiers": []
68 | }
69 | ]
70 | },
71 | {
72 | "name": "Miscellaneous: Analytics Service (Twitter)",
73 | "id": "AI004600",
74 | "description": "Miscellaneous: Analytics Service (Twitter)",
75 | "tags": [
76 | "CloudServices.Web.Analytics.Twitter"
77 | ],
78 | "severity": "moderate",
79 | "patterns": [
80 | {
81 | "pattern": "static.ads-twitter.com",
82 | "type": "string",
83 | "scopes": [ "code" ],
84 | "modifiers": []
85 | }
86 | ]
87 | },
88 | {
89 | "name": "Miscellaneous: Analytics Service (Outbrain)",
90 | "id": "AI004700",
91 | "description": "Miscellaneous: Analytics Service (Outbrain)",
92 | "tags": [
93 | "CloudServices.Web.Analytics.Outbrain"
94 | ],
95 | "severity": "moderate",
96 | "patterns": [
97 | {
98 | "pattern": "amplify.outbrain.com",
99 | "type": "string",
100 | "scopes": [ "code" ],
101 | "modifiers": []
102 | }
103 | ]
104 | },
105 | {
106 | "name": "Miscellaneous: Analytics Service (Pinterest)",
107 | "id": "AI004800",
108 | "description": "Miscellaneous: Analytics Service (Pinterest)",
109 | "tags": [
110 | "CloudServices.Web.Analytics.Pinterest"
111 | ],
112 | "severity": "moderate",
113 | "patterns": [
114 | {
115 | "pattern": "s.pinimg.com",
116 | "type": "string",
117 | "scopes": [ "code" ],
118 | "modifiers": []
119 | }
120 | ]
121 | }
122 | ]
--------------------------------------------------------------------------------
/AppInspector/rules/default/data_types/financial.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Data: Financial (Account)",
4 | "id": "AI015000",
5 | "description": "Data: Financial (Account)",
6 | "tags": [
7 | "Data.Sensitive.Financial.BankAccount"
8 | ],
9 | "severity": "critical",
10 | "patterns": [
11 | {
12 | "pattern": "bank\\s*(acct|account)",
13 | "type": "regex-word",
14 | "scopes": [ "code", "comment" ],
15 | "modifiers": [ "i" ],
16 | "confidence": "high",
17 | "_comment": ""
18 | },
19 | {
20 | "pattern": "(checking|savings|chk|401k|roth)\\s*(account|acct)",
21 | "type": "regex-word",
22 | "scopes": [ "code" ],
23 | "modifiers": [ "i" ],
24 | "confidence": "high",
25 | "_comment": ""
26 | }
27 | ]
28 | },
29 | {
30 | "name": "Data: Financial (Income)",
31 | "id": "AI015100",
32 | "description": "Data: Financial (Income)",
33 | "tags": [
34 | "Data.Sensitive.Financial.General"
35 | ],
36 | "severity": "critical",
37 | "patterns": [
38 | {
39 | "pattern": "finances*|financial",
40 | "type": "regex",
41 | "scopes": [ "code" ],
42 | "modifiers": [ "i" ],
43 | "confidence": "high",
44 | "_comment": ""
45 | }
46 | ]
47 | },
48 | {
49 | "name": "Data: Financial (Currency)",
50 | "id": "AI015200",
51 | "description": "Data: Financial (Currency)",
52 | "tags": [
53 | "Data.Sensitive.Financial.Currency"
54 | ],
55 | "patterns": [
56 | {
57 | "pattern": "currency|usd|money|dollar|coins|euro|peso|deuch-mark|dinar|franc|krone|pound|rupee|shekel|yen",
58 | "type": "regex-word",
59 | "scopes": [ "code" ],
60 | "modifiers": [ "i" ],
61 | "confidence": "medium",
62 | "_comment": "Currencies"
63 | }
64 | ]
65 | },
66 | {
67 | "name": "Data: Financial (Credit Card)",
68 | "id": "AI015300",
69 | "description": "Data: Financial (Credit Card)",
70 | "tags": [
71 | "Data.Sensitive.Financial.CreditCard"
72 | ],
73 | "severity": "critical",
74 | "patterns": [
75 | {
76 | "pattern": "visa|americanexpress|amex|(master|discover|credit|debit)\\s*card",
77 | "type": "regex-word",
78 | "scopes": [ "code" ],
79 | "modifiers": [ "i" ],
80 | "confidence": "high",
81 | "_comment": ""
82 | }
83 | ]
84 | },
85 | {
86 | "name": "Data: Financial (Payroll)",
87 | "id": "AI015400",
88 | "description": "Data: Financial (Payroll)",
89 | "tags": [
90 | "Data.Sensitive.Financial.Payroll"
91 | ],
92 | "severity": "important",
93 | "patterns": [
94 | {
95 | "pattern": "pay-*roll|salary|salaries|stock",
96 | "type": "regex-word",
97 | "scopes": [ "code" ],
98 | "modifiers": [ "i" ],
99 | "confidence": "high",
100 | "_comment": ""
101 | }
102 | ]
103 | },
104 | {
105 | "name": "Data: Financial (Salesdata)",
106 | "id": "AI015500",
107 | "description": "Data: Financial (Salesdata)",
108 | "tags": [
109 | "Data.Sensitive.Financial.Salesdata"
110 | ],
111 | "severity": "critical",
112 | "patterns": [
113 | {
114 | "pattern": "sales",
115 | "type": "regex-word",
116 | "scopes": [ "code" ],
117 | "modifiers": [ "i" ],
118 | "confidence": "high",
119 | "_comment": "sales data or forecast"
120 | }
121 | ]
122 | }
123 | ]
--------------------------------------------------------------------------------
/AppInspector/rules/default/test_frameworks/python_testing.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Testing Framework: AutoTest",
4 | "id": "AI051900",
5 | "description": "Testing Framework: AutoTest",
6 | "applies_to": [
7 | "python"
8 | ],
9 | "tags": [
10 | "Framework.Testing.AutoTest"
11 | ],
12 | "patterns": [
13 | {
14 | "pattern": "autotest",
15 | "type": "string",
16 | "scopes": [
17 | "code"
18 | ],
19 | "modifiers": [
20 | "i"
21 | ],
22 | "confidence": "high",
23 | "_comment": ""
24 | }
25 | ]
26 | },
27 | {
28 | "name": "Testing Framework: UnitTest",
29 | "id": "AI052000",
30 | "description": "Testing Framework: UnitTest",
31 | "applies_to": [
32 | "python"
33 | ],
34 | "tags": [
35 | "Framework.Testing.unittest"
36 | ],
37 | "patterns": [
38 | {
39 | "pattern": "unittest",
40 | "type": "string",
41 | "scopes": [
42 | "code"
43 | ],
44 | "confidence": "high"
45 | }
46 | ]
47 | },
48 | {
49 | "name": "Testing Framework: XPyUnit",
50 | "id": "AI052100",
51 | "description": "Testing Framework: XPyUnit",
52 | "applies_to": [
53 | "python"
54 | ],
55 | "tags": [
56 | "Framework.Testing.XPyUnit"
57 | ],
58 | "patterns": [
59 | {
60 | "pattern": "xpyunit",
61 | "type": "string",
62 | "scopes": [
63 | "code"
64 | ],
65 | "confidence": "high"
66 | }
67 | ]
68 | },
69 | {
70 | "name": "Testing Framework: DocTest",
71 | "id": "AI052200",
72 | "description": "Testing Framework: DocTest",
73 | "applies_to": [
74 | "python"
75 | ],
76 | "tags": [
77 | "Framework.Testing.Doctest"
78 | ],
79 | "patterns": [
80 | {
81 | "pattern": "doctest",
82 | "type": "string",
83 | "scopes": [
84 | "code"
85 | ],
86 | "confidence": "high"
87 | }
88 | ]
89 | },
90 | {
91 | "name": "Testing Framework: Nose",
92 | "id": "AI052300",
93 | "description": "Testing Framework: Nose",
94 | "applies_to": [
95 | "python"
96 | ],
97 | "tags": [
98 | "Framework.Testing.Nose"
99 | ],
100 | "patterns": [
101 | {
102 | "pattern": "import .*nose|nosetests|nose\\.run",
103 | "type": "regex",
104 | "scopes": [
105 | "code"
106 | ],
107 | "confidence": "high"
108 | }
109 | ]
110 | },
111 | {
112 | "name": "Testing Framework: PyTest",
113 | "id": "AI052400",
114 | "description": "Testing Framework: PyTest",
115 | "applies_to": [
116 | "python"
117 | ],
118 | "tags": [
119 | "Framework.Testing.PyTest"
120 | ],
121 | "patterns": [
122 | {
123 | "pattern": "pytest",
124 | "type": "string",
125 | "scopes": [
126 | "code"
127 | ],
128 | "confidence": "high"
129 | }
130 | ]
131 | },
132 | {
133 | "name": "Testing Framework: Should DSL",
134 | "id": "AI052500",
135 | "description": "Testing Framework: Should DSL",
136 | "applies_to": [
137 | "python"
138 | ],
139 | "tags": [
140 | "Framework.Testing.ShouldDSL"
141 | ],
142 | "patterns": [
143 | {
144 | "pattern": "should_dsl",
145 | "type": "string",
146 | "scopes": [
147 | "code"
148 | ],
149 | "confidence": "high"
150 | }
151 | ]
152 | }
153 | ]
--------------------------------------------------------------------------------
/AppInspector/rules/default/general/code_metrics.json:
--------------------------------------------------------------------------------
1 | [
2 | {
3 | "name": "Metric: Class Definition",
4 | "id": "AI025700",
5 | "description": "Metric: Classes Defined",
6 | "tags": [
7 | "Metric.Code.Class.Defined"
8 | ],
9 | "severity": "moderate",
10 | "applies_to": [ "csharp", "cpp", "javascript", "python", "vb", "rust", "ruby", "groovy", "php" ],
11 | "patterns": [
12 | {
13 | "pattern": "class",
14 | "type": "regex-word",
15 | "scopes": [ "code" ],
16 | "confidence": "high",
17 | "_comment": "applies_to is restricted to languages where 'class' declares a data structure, so CSS class references are not counted; the class count gives a rough complexity/size signal"
18 | }
19 | ]
20 | },
21 | {
22 | "name": "Metric: Function Definition",
23 | "id": "AI025800",
24 | "description": "Metric: Function Defined",
25 | "tags": [
26 | "Metric.Code.Function.Defined"
27 | ],
28 | "severity": "moderate",
29 | "patterns": [
30 | {
31 | "pattern": "(def|function|fun) (.*)",
32 | "type": "regex-word",
33 | "scopes": [ "code" ],
34 | "confidence": "medium",
35 | "_comment": "doesn't detect a number of other potential patterns at present"
36 | }
37 | ]
38 | },
39 | {
40 | "name": "Metric: HTML Form Definition",
41 | "id": "AI025900",
42 | "description": "Metric: HTML Form Defined",
43 | "tags": [
44 | "Metric.Code.HTMLForm.Defined"
45 | ],
46 | "severity": "moderate",
47 | "_comment": "",
48 | "patterns": [
49 | {
50 | "pattern": "