Raineraineyang.hashnode.dev·Oct 7, 2024Journey to PythonTA: The Control Flow Graph Module (Part 1)The Journey to PythonTA series aims to introduce various system components of PythonTA (https://github.com/pyta-uoft/pyta), a static code analysis tool for checking common code style errors in Python code, to new developers. In this series, in additi...Discuss·29 readsPython
TATHAGATA ROYthreatradar.vercel.app·Sep 20, 2024Malware Analysis of Zeus Banking TrojanThe Zeus Banking Trojan has been one of the most persistent and dangerous pieces of malware to target financial institutions and end-user systems. This technical blog walks through a complete malware analysis of the Zeus Trojan using a secure, isolat...Discuss·121 readsSecurity
Gyuhang Shimplto001.hashnode.dev·Sep 16, 2024Soundness of Programming LanguagesSoundness and Completeness at the Programming Language Level Soundness in programming languages is a concept that represents the stability and reliability of a language's type system. In other words, if a language's type system can catch all type-rel...Discusssoundness-and-completeness
Cloud Tunedcloudtuned.hashnode.dev·Jul 6, 2024Understanding Checkmarx: Securing Your Code from WithinUnderstanding Checkmarx: Securing Your Code from Within Introduction In an era where cyber threats are ever-evolving, securing software applications from vulnerabilities is paramount. Checkmarx is a leading application security testing solution desig...Discussstatic analysis
Raineraineyang.hashnode.dev·Jul 3, 2024PyTA Project: Converting Function Preconditions to Z3 ConstraintsToday's task is to update ExprWrapper, a module that converts a python expression to corresponding z3 expression, to support container classes like list , tuple, and set, and in operation. In this article, I will first provide a brief overview of z3 ...DiscussPython
Simon Crowesimoncrowe.hashnode.dev·Jun 29, 2024Django and Semgrep: Enforcing a Service Layer Using Static AnalysisIn my previous post about implementing a service layer in Django, I wrote about a simple pattern that "plays nice" with the mountain of functionality that comes with Django out-of-the-box, particularly the ORM. In this implementation, business logic ...Discuss·348 readsPython
Cloud Tunedcloudtuned.hashnode.dev·Jun 22, 2024Discovering KICS: Keeping Infrastructure as Code SecureDiscovering KICS: Keeping Infrastructure as Code Secure Introduction As the adoption of Infrastructure as Code (IaC) grows, so does the need to ensure that these configurations are secure. IaC allows developers to define and manage infrastructure thr...Discusskics
Zealynx Securityzealynx.hashnode.dev·Jun 3, 2024How to Write a Detector in Aderyn Step by StepIn this post, you'll learn how to develop a custom detector in Aderyn, a Rust-based static analyzer for Solidity smart contracts. We'll guide you through creating the `division_before_multiplication` detector, from understanding the vulnerability and...Discuss·2 likes·316 readsstatic code analysis
Cloud Tunedcloudtuned.hashnode.dev·Jun 2, 2024An Introduction to Semgrep: Lightweight Static Analysis for Modern CodebasesAn Introduction to Semgrep: Lightweight Static Analysis for Modern Codebases Introduction In the world of software development, maintaining code quality and security is a continuous challenge. Traditional static analysis tools can be cumbersome, slow...Discusssemgrep
Haneunhanlee.hashnode.dev·Aug 22, 2023What are Dynamic Analysis and Static AnalysisDefinition Methods of Analyzing Programs Dynamic Analysis Verifying through multiple executions Dynamic analysis is a method of analyzing the behavior of software during its execution. When software is running, dynamic analysis tools are used to moni...DiscussCyber Securitycybersecurity