akosoriod / Cobra Public

forked from FeeiCN/Cobra

Notifications You must be signed in to change notification settings
Fork 0
Star 0

Source Code Security Audit (源代码安全审计)

cobra.feei.cn

MIT license

0 stars 950 forks Branches Tags Activity

Star

Notifications

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 1,999 Commits
.github		.github
cobra		cobra
docs		docs
reports		reports
rules		rules
tests		tests
-		-
.coveralls.yml		.coveralls.yml
.gitignore		.gitignore
.travis.yml		.travis.yml
CHANGES.md		CHANGES.md
CONTRIBUTING.md		CONTRIBUTING.md
Dockerfile		Dockerfile
LICENSE		LICENSE
README.md		README.md
cobra.py		cobra.py
config.template		config.template
git_projects.py		git_projects.py
requirements.txt		requirements.txt

Repository files navigation

Cobra - English version

Updated 06-2021 python3

updated dependency Werkzeug==0.15.5

Fix conflict time.clock

Results on webApp translated into English

Web Deploy with Conda

conda create --name cobra python=3

conda activate cobra

pip install -r requirements.txt

cp config.template config

python cobra.py -H 127.0.0.1 -P 5000

The project design is no longer able to achieve the current white-box scanning requirements, and is no longer being maintained for research use only, please do not use it in a production environment

Introduction

Cobra is a source code security audit tool that supports detection of most significant security issues and vulnerabilities in source code of multiple development languages.

Features

Multi-language Supported (support for multiple development languages)

Supports development languages such as PHP, Java, and dozens of types of files.

Multi-Vulnerabilities Supported (support for multiple vulnerability types)

The first batch of tens of thousands of insecure dependency checking rules and dozens of code security scanning rules are open, and more scanning rules will continue to be opened later.

GUI/CLI/API Mode (command line mode and API mode)

Provide local Web Server service, can use GUI visual operation, also can support local API interface, convenient and other systems (release system, CI, etc.) docking extension.

Screenshot

Screenshot [! report01](https://whaleshark-team.github.io/ cobra/api) [! report02](https://whaleshark-team.github.io/ cobra/api)

Contributors

The project was initiated and led by Feei, with core developers LiGhT1EsS, BlBana, 40huo, braveghz, and also thanks to other [contributors](https://github.com/WhaleShark-Team/cobra/ graphs/contributors), feel free to submit PRs.