Hackers of India

SCodeScanner - An Open-Source Source-Code Scanner

By Utkarsh Agrawal on 10 Aug 2023 @ Blackhat : Arsenal

This Tool Demo covers the following tools that the speaker has authored or contributed to:
SCODESCANNER

Abstract

SCodeScanner is a powerful tool for identifying vulnerabilities in source code. It is designed to be easy to use and provides a range of features to help users quickly and accurately identify vulnerabilities with fewer false positives.

Some key features of SCodeScanner include:

As proof of results, SCodeScanner has already found 5 vulnerabilities in multiple WordPress plugins and has been awarded the following CVEs:

CVE-2022-1604, CVE-2022-1465, CVE-2022-1474, CVE-2022-1527, CVE-2022-1532

Overall, SCodeScanner is a valuable tool for any developer or security professional looking to identify vulnerabilities in their source code before it is published in production. Its fast scanning, fewer false positives, and integrations with CI/CD pipelines and bug-tracking services make it a powerful tool for ensuring the security of your code.