apunkt/nyx
1
0
Fork 0
mirror of https://github.com/elicpeter/nyx.git synced 2026-06-09 19:45:13 +02:00
Code Issues Projects Releases Packages Wiki Activity

Add multi-language AST-pattern scanning support

Browse source 
- Introduced `patterns` module with language-specific vulnerability patterns.
- Added `query_cache` utility for caching compiled queries.
- Expanded `scan.rs` to support scanning multiple languages dynamically.
- Updated `Cargo.toml` with additional tree-sitter dependencies.
- Added severity filtering to `ScannerConfig` for better configuration.
This commit is contained in:
elipeter 2025-06-17 01:17:48 +02:00
parent 0831b9fb48
commit 22369cc404
17 changed files with 665 additions and 25 deletions
Download patch file Download diff file Expand all files Collapse all files

40
src/patterns/python.rs Normal file
View file

@ -0,0 +1,40 @@
use crate::patterns::{Pattern, Severity};
pub const PATTERNS: &[Pattern] = &[
Pattern {
id: "eval_call",
description: "eval() on dynamic input",
query: "(call function: (identifier) @id (#eq? @id \"eval\")) @vuln",
severity: Severity::High,
},
Pattern {
id: "exec_call",
description: "exec(...) execution of dynamic code",
query: "(call function: (identifier) @id (#eq? @id \"exec\")) @vuln",
severity: Severity::High,
},
Pattern {
id: "pickle_load",
description: "pickle.load / loads unsafe deserialization",
query: "(call function: (attribute attribute: (identifier) @attr (#match? @attr \"load(s)?\") object: (identifier) @pkg (#eq? @pkg \"pickle\"))) @vuln",
severity: Severity::High,
},
Pattern {
id: "subprocess_shell_true",
description: "subprocess.* with shell=True",
query: "(call function: (attribute object: (identifier) @pkg (#eq? @pkg \"subprocess\")) arguments: (argument_list . (keyword_argument name: (identifier) @k (#eq? @k \"shell\")) (true) @val)) @vuln",
severity: Severity::Medium,
},
Pattern {
id: "random_random",
description: "random.random() for security-sensitive randomness",
query: "(call function: (attribute attribute: (identifier) @attr (#eq? @attr \"random\") object: (identifier) @pkg (#eq? @pkg \"random\"))) @vuln",
severity: Severity::Low,
},
Pattern {
id: "sql_concat",
description: "SQL query built via f-string or +-concat",
query: "(call function: (attribute attribute: (identifier) @m (#match? @m \"execute|executemany\")) arguments: (argument_list (f_string) @fstr)) @vuln",
severity: Severity::Medium,
},
];