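Cobra: White-Box Code Security Audit System
Cobra is a static analysis system for security vulnerabilities in source code. By collecting detection methods for common Internet vulnerabilities and expressing them as Cobra scan rules, it can automatically find vulnerabilities in source code and generate a complete vulnerability audit report with detailed remediation plans.
Python, security-related
2402 stars in total
Details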
Cobra
Introduction
Cobra is a static code analysis system that automates the detection of vulnerabilities and security issues.
Features
- Multi-language support
- Multiple code support
- Compatibility
- API
- Automation
Target Audience
1. IT/Network Company
Internet companies can deploy Cobra within the enterprise so that developers can scan their projects for risks. It can also be integrated into an internal code distribution system, where it scans the security of the code developers submit before it goes online, thereby keeping unsafe code from going online and reducing online risk.
2. Security Company
Security companies that perform security testing for Internet companies can use Cobra's global project scanning capability to automatically audit the code security of all of Party A's projects.
3. White Hat
White hats can write customized, private Cobra scanning rules to audit the code of open source projects and find vulnerabilities.
Screenshot
Cobra Manual Scan
Cobra Report
Cobra Manage
Beta version
Cobra is currently in beta and has some imperfections and bugs, so we need your contributions, whether that is testing, development, vulnerability scanning rules, or advice.
References
- Documents - http://cobra-docs.readthedocs.io
- Website - Coming soon!
- Online Demo - Coming soon!