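Cobra: White-Box Code Security Audit System

Cobra is a static analysis system for finding security vulnerabilities in code. Detection methods for common vulnerabilities are collected from the Internet and written as Cobra scanning rules, so that Cobra can automatically find vulnerabilities in source code and generate a complete vulnerability audit report with detailed remediation guidance.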

Python, security-related


2402 stars in total

Detailed Introduction

Cobra



Introduction

Cobra is a static code analysis system that automates the detection of vulnerabilities and security issues.

Features

  • Multi-language support
  • Multiple code support
  • Compatibility
  • API
  • Automation

Target Audience

1. IT/Network Company

Internet companies can deploy Cobra within the enterprise so that developers can scan their projects for risks. It can also be integrated into an internal code distribution system, where Cobra scans the code developers submit for release, which keeps unsafe code from going online and reduces online risk.

2. Security Company

Security companies that perform security testing for Internet companies can use Cobra's global project scanning capability to run automated code security audits across all of a client's projects.

3. White Hat

White hats can write their own private Cobra scanning rules and use them to audit the code of open source projects and find vulnerabilities.

Screenshot

Cobra Manual Scan


Cobra Report


Cobra Manage


Beta version

Cobra is currently in beta and has some imperfections and bugs, so we need your contributions, whether testing, development, vulnerability scanning rules, or advice.
