All grep patterns, grouped by language; each entry is a label line followed by the regex it applies.

ASP
xss cross-site scripting cwe-79
Response.Write\([^\)]*?(\+*|\&*)\s*Request.Params.Get\(.*\)(\+*|\&*)\s*
xss cross-site scripting cwe-79
input.*type=(\"|\')?hidden.*=.*Request\.(QUERYSTRING|FORM)
sql injection
sql.*=.*\"\s*\&
sql injection
CommandText\s*=\s*.*\"\s*\&
sql injection
\.Execute\(.*\"\s*\&
file information_leak
OpenTextFile\s?\(\s?Request\.
ASP.Net
xss, net
\.Append\(.*HttpContext\.Current\.Request\.Url
xss cross-site scripting cwe-79
\.(Append|WriteLine)\([^\)]*?HttpContext\.Current\.Request\.(Url|Form|QueryString)
xss
\.Append\(.*HttpContext\.Current\.Request\.Form
xss
\.Append\(.*HttpContext\.Current\.Request\.QueryString
xss
\.WriteLine\(.*HttpContext\.Current\.Request\.Url
xss
\.WriteLine\(.*HttpContext\.Current\.Request\.Form
xss
\.WriteLine\(.*HttpContext\.Current\.Request\.QueryString
stack trace
response\.write\s*\(.*StackTrace
insecure certificate validation cwe-295
ServerCertificateValidationCallback\s*?\=
input request validation
<%@\s?Page\s?.*\s?validateRequest\s?=\s?(\'|\")false(\'|\")
C
uncontrolled format string cwe-134
printf\s?\(|vprintf\s?\(|vwprintf\s?\(|vfwprintf\s?\(|_vtprintf\s?\(|wprintf\s?\(|fprintf\s?\(|vfprintf\s?\(|_ftprintf\s?\(|_vftprintf\s?\(|fwprintf\s?\(|fvwprintf\s?\(
race condition cwe-362 cwe-20
readlink\s?\(
race condition cwe-362
chown\s?\(|chgrp\s?\(|chmod\s?\(|readlink\s?\(
overflow buffer cat string concatenation cwe-120
lstrcat\s?\(|wcscat\s?\(|_tcscat\s?\(|_mbscat\s?\(
logic bug
if\s?\(\s?.*\s?(?<!\!)(?<!=)(?<!<)(?<!>)=(?!=)\s?('|").*('|")\s?\)
integer overflow
ALLOC[A-Z0-9_]*\s*\([^,]*,[^;]*[*+-][^>][^;]*\)\s*;
insecure weak random entropy
\sdrand48\s?\(\s?|\serand48\s?\(\s?|\sjrand48\s?\(\s?|\slcong48\s?\(\s?|\slrand48\s?\(\s?|\smrand48\s?\(\s?|\snrand48\s?\(\s?|\srandom\s?\(\s?|\sseed48\s?\(\s?|\ssetstate\s?\(\s?|\ssrand\s?\(\s?|\sstrfry\s?\(\s?|\ssrandom\s?\(\s?
input validation
recv\s?\(|recvfrom\s?\(|recvmsg\s?\(|fread\s?\(|readv\s?\(
errno error
if\s?\(\s?errno\s?=\s?E|if\s?\(\s?E[A-Za-z]*\s?=\s?errno
dangerous command execution functions
(system|popen)\s?\(
banned vararg variable argument sprintf cwe-120
wvsprintf\s?\(|wvsprintfA\s?\(|wvsprintfW\s?\(|vsprintf\s?\(|_vstprintf\s?\(|vswprintf\s?\(|_vsnprintf\s?\(|_vsnwprintf\s?\(|_vsntprintf\s?\(|wvnsprintf\s?\(|wvnsprintfA\s?\(|wvnsprintfW\s?\(
banned string tokenizing
strtok\s?\(|_tcstok\s?\(|wcstok\s?\(|_mbstok\s?\(
banned string length
strlen\s?\(|wcslen\s?\(|_mbslen\s?\(|_mbstrlen\s?\(|StrLen\s?\(|lstrlen\s?\(
banned string copy cwe-120
strncpy\s?\(|wcsncpy\s?\(|_tcsncpy\s?\(|_mbsncpy\s?\(|_mbsnbcpy\s?\(|StrCpyN\s?\(|StrCpyNA\s?\(|StrCpyNW\s?\(|StrNCpy\s?\(|strcpynA\s?\(|StrNCpyA\s?\(|StrNCpyW\s?\(|lstrcpyn\s?\(|lstrcpynA\s?\(|lstrcpynW\s?\(|_fstrncpy\s?\(|lstrcpy\s?\(|wcscpy\s?\(|_tcscpy\s?\(|_mbscpy\s?\(
banned scanf copy cwe-120 cwe-20
scanf\s?\(|wscanf\s?\(|_tscanf\s?\(|sscanf\s?\(|swscanf\s?\(|_stscanf\s?\(|snscanf\s?\(|snwscanf\s?\(|_sntscanf\s?\(
banned path
Makepath\s?\(|_tmakepath\s?\(|_makepath\s?\(|_wmakepath\s?\(|_splitpath\s?\(|_tsplitpath\s?\(|_wsplitpath\s?\(
banned oem
CharToOem\s?\(|CharToOemA\s?\(|CharToOemW\s?\(|OemToChar\s?\(|OemToCharA\s?\(|OemToCharW\s?\(|CharToOemBuffA\s?\(|CharToOemBuffW\s?\(
banned numeric
_itoa\s?\(|_itow\s?\(|_i64toa\s?\(|_i64tow\s?\(|_ui64toa\s?\(|_ui64tot\s?\(|_ui64tow\s?\(|_ultoa\s?\(|_ultot\s?\(|_ultow\s?\(
banned n string cwe-120
strncat\s?\(|wcsncat\s?\(|_tcsncat\s?\(|_mbsncat\s?\(|_mbsnbcat\s?\(|StrCatN\s?\(|StrCatNA\s?\(|StrCatNW\s?\(|StrNCat\s?\(|StrNCatA\s?\(|StrNCatW\s?\(|lstrncat\s?\(|lstrcatnA\s?\(|lstrcatnW\s?\(|lstrcatn\s?\(|_fstrncat\s?\(
banned memory copy overflow buffer
memcpy\s?\(|CopyMemory\s?\(|bcopy\s?\(|RtlCopyMemory\s?\(
banned memory alloc
alloca\s?\(|_alloca\s?\(
banned isbad
isBadWritePtr\s?\(|IsBadHugeWritePtr\s?\(|IsBadReadPtr\s?\(|IsBadHugeReadPtr\s?\(|IsBadCodePtr\s?\(|IsBadStringPtr\s?\(
banned gets cwe-120 cwe-20
(\=|\(|\s)gets\s?\(|_getts\s?\(|_gettws\s?\(
banned deprecated getlogin
getlogin\(.*\)
C#
warnings disable
#pragma\s+warning\s*\(\s*disable\s*:
sql injection cwe-89
\"\s*[Ss][Ee][Ll][Ee][Cc][Tt][^"]*"\s*\+\s*\w[^+]*\+\s*\"
insecure weak random entropy
Rnd\s?\(|Random\s?\(
insecure certificate validation cwe-295
X509CertificateValidationMode\.None|X509CertificateValidator\.None
ecb weak encryption mode
CipherMode.ECB
C++
uncontrolled format string cwe-134
printf\s?\(|vprintf\s?\(|vwprintf\s?\(|vfwprintf\s?\(|_vtprintf\s?\(|wprintf\s?\(|fprintf\s?\(|vfprintf\s?\(|_ftprintf\s?\(|_vftprintf\s?\(|fwprintf\s?\(|fvwprintf\s?\(
race condition cwe-362 cwe-20
readlink\s?\(
race condition cwe-362
chown\s?\(|chgrp\s?\(|chmod\s?\(|readlink\s?\(
overflow buffer cat string concatenation
lstrcat\s?\(|wcscat\s?\(|_tcscat\s?\(|_mbscat\s?\(
logic bug
if\s?\(\s?.*\s?(?<!\!)(?<!=)(?<!<)(?<!>)=(?!=)\s?('|").*('|")\s?\)
insecure weak random entropy
\sdrand48\s?\(\s?|\serand48\s?\(\s?|\sjrand48\s?\(\s?|\slcong48\s?\(\s?|\slrand48\s?\(\s?|\smrand48\s?\(\s?|\snrand48\s?\(\s?|\srandom\s?\(\s?|\sseed48\s?\(\s?|\ssetstate\s?\(\s?|\ssrand\s?\(\s?|\sstrfry\s?\(\s?|\ssrandom\s?\(\s?
input validation
recv\s?\(|recvfrom\s?\(|recvmsg\s?\(|fread\s?\(|readv\s?\(
executable load injection
CreateProcess\s?\(\s?NULL\s?,
errno error
if\s?\(\s?errno\s?=\s?E|if\s?\(\s?E[A-Za-z]*\s?=\s?errno
banned vararg variable argument sprintf cwe-120
wvsprintf\s?\(|wvsprintfA\s?\(|wvsprintfW\s?\(|vsprintf\s?\(|_vstprintf\s?\(|vswprintf\s?\(|_vsnprintf\s?\(|_vsnwprintf\s?\(|_vsntprintf\s?\(|wvnsprintf\s?\(|wvnsprintfA\s?\(|wvnsprintfW\s?\(
banned string tokenizing
strtok\s?\(|_tcstok\s?\(|wcstok\s?\(|_mbstok\s?\(
banned string length
strlen\s?\(|wcslen\s?\(|_mbslen\s?\(|_mbstrlen\s?\(|StrLen\s?\(|lstrlen\s?\(
banned string copy cwe-120
strncpy\s?\(|wcsncpy\s?\(|_tcsncpy\s?\(|_mbsncpy\s?\(|_mbsnbcpy\s?\(|StrCpyN\s?\(|StrCpyNA\s?\(|StrCpyNW\s?\(|StrNCpy\s?\(|strcpynA\s?\(|StrNCpyA\s?\(|StrNCpyW\s?\(|lstrcpyn\s?\(|lstrcpynA\s?\(|lstrcpynW\s?\(|_fstrncpy\s?\(|lstrcpy\s?\(|wcscpy\s?\(|_tcscpy\s?\(|_mbscpy\s?\(
banned scanf copy cwe-120 cwe-20
scanf\s?\(|wscanf\s?\(|_tscanf\s?\(|sscanf\s?\(|swscanf\s?\(|_stscanf\s?\(|snscanf\s?\(|snwscanf\s?\(|_sntscanf\s?\(
banned n string cwe-120
strncat\s?\(|wcsncat\s?\(|_tcsncat\s?\(|_mbsncat\s?\(|_mbsnbcat\s?\(|StrCatN\s?\(|StrCatNA\s?\(|StrCatNW\s?\(|StrNCat\s?\(|StrNCatA\s?\(|StrNCatW\s?\(|lstrncat\s?\(|lstrcatnA\s?\(|lstrcatnW\s?\(|lstrcatn\s?\(|_fstrncat\s?\(
banned memory copy overflow buffer
memcpy\s?\(|CopyMemory\s?\(|bcopy\s?\(|RtlCopyMemory\s?\(
banned gets cwe-120 cwe-20
gets\s?\(|_getts\s?\(|_gettws\s?\(
banned deprecated getlogin
getlogin\(.*\)
ColdFusion
xss cross-site scripting cwe-79
( =\s.*|\<input ).*value=\s?(\"|\')\#(url|form)\.
xss
<input .*value=\"\#(url|form)
xss
=\s*\'\#(url|form)\..*\#\';
sql injection
cfx_ingres .*\"\s*select .*from .*\'?#(form|url)\.
sql injection
cfx_ingres .*\"\s*delete .*from .*\'?#(form|url)\.
sql injection
cfx_ingres .*\"\s*insert into .*\'?#(form|url)\.
sql injection
cfx_ingres .*\"\s*update .* set .*\'?#(form|url)\.
deprecated obsolete functions cwe-477
<\s?cfapplet|cfapplet\s?\(|<\s?cfpresentation\s|<\s?cfsprydataset|cfsprydataset\s?\(|<\s?cfgraph|cfgraph\s?\(|<\s?cfgraphdata|cfgraphdata\s?\(|<\s?cfservlet|cfservlet\s?\(|<\s?cfservletparam|cfservletparam\s?\(|<\s?GetK2ServerDocCount|GetK2ServerDocCount\s?\(|<\s?GetK2ServerDocCountLimit|GetK2ServerDocCountLimit\s?\(|<\s?GetTemplatePath|GetTemplatePath\s?\(|<\s?IsK2ServerABroker|IsK2ServerABroker\s?\(|<\s?IsK2ServerDocCountExceeded|IsK2ServerDocCountExceeded\s?\(|<\s?IsK2ServerOnLine|IsK2ServerOnLine\s?\(|<\s?ParameterExists|ParameterExists\s?\(|<\s?AuthenticatedContext|AuthenticatedContext\s?\(|<\s?AuthenticatedUser|AuthenticatedUser\s?\(|<\s?isAuthenticated|isAuthenticated\s?\(|<\s?isAuthorized|isAuthorized\s?\(|<\s?isProtected|isProtected\s?\(|<\s?cftextinput|cftextinput\s?\(
deprecated obsolete attributes cwe-477
<\s?cfcache.*cachedirectory\s?\=|<\s?cfcache.*timeout|<\s?cfform.*enableCAB|<\s?cfftp.*agentname|<\s?cfinput.*passthrough|<\s?cfldap.*filterFile|<\s?cflog.*(date|thread|time)|<\s?cfsearch.*(external|language)|<\s?cfselect.*passthrough|<\s?cfslider.*(img|imgStyle|grooveColor|refreshLabel|tickmarkimages|tickmarklabels|tickmarkmajor|tickmarkminor)|<\s?cfgridupdate.*(connectString|dbName|dbServer|dbType|provider|providerDSN)|<\s?cfinsert.*(connectString|dbName|dbServer|dbType|provider|providerDSN)|<\s?cfstoreproc.*(connectString|dbName|dbServer|dbType|provider|providerDSN)|<\s?cfupdate.*(connectString|dbName|dbServer|dbType|provider|providerDSN)|<\s?cfquery.*(connectString|dbName|dbServer|dbType|provider|providerDSN|sql|dynamic|ODBC|Oracle73|Oracle80|Sybase11|OLEDB|DB2)
deprecated obsolete attribute values cwe-477
<\s?SetLocale.*locale\s?\=\s?('|")Spanish \(Mexican\)|<\s?cfchart.*style\s?\=.*XML|<\s?cftree.*format\s?\=.*applet|<\s?cfgrid.*format\s?\=.*applet|<\s?cfdocument\s.*format\s?=.*flashpaper|<\s?cfcollection.*action\s?\=.*map|<\s?cfcollection.*action\s?\=.*repair|<\s?cferror.*exception\s?\=.*monitor|<\s?cffile.*attributes\s?\=.*system|<\s?cffile.*attributes\s?\=.*temporary
debug information_leak
\<cfdump
command injection exec
\<cfexecute
ERB
xss, jquery, javascript
\.(html|before|after|append|prepend|appendTo|prependTo)\s*\(
HTML
xss, jquery, javascript
\.(html|before|after|append|prepend|appendTo|prependTo)\s*\(
hidden
<input.*\'?\"?hidden\'?\"?
Java
web http request input validation
getParameterNames\s?\(|getParameter\s?\(|getParameterValues\s?\(|getParameterMap\s?\(
weak hash algorithm
\.getInstance\s?\(\s?\"(MD5|SHA-1)\"
unsafe file access vert.x
response\.sendFile\s?\(|response\s?\(\s?\)\.sendFile\s?\(
stack trace
printStackTrace\s?\(
session request input validation
session\.setAttribute\(\".*\",\s*req(uest)?\.getParameter\(
resource executable access
openOrCreateDatabase\s?\(
resource executable access
getIntent\s\(
log logger sensitive information
log(ger)?\..*?\(.*(([^a-z]ssn[^a-z])|getssn|ssn\(|socialsecurity|taxid|email|e_mail|emailaddress|pass|amount|account|acct|address|phone|phonenumber|zip|postal)
load library
System\.loadLibrary\(
insecure weak random entropy
java\.util\.Random
insecure certificate validation cwe-295
X509Certificate\[\s?\]\s*getAcceptedIssuers\(\s?\)
ecb weak encryption mode
Cipher....Instance\s?\(\s?\".*ECB
des weak encryption algorithm
Cipher.newInstance\s?\(\s?\"DES|Cipher.getInstance\s?\(\s?\"DES
command runtime exec
getRuntime\s?\(
buffer overflow unsafe cwe-120
sun\.misc\.Unsafe
Javascript
xss, jquery, javascript
\.(html|before|after|append|prepend|appendTo|prependTo)\s*\(
web sockets
ws:\/\/
privacy geolocation
navigator.geolocation.getCurrentPosition
postmessage html5
\.postMessage\s?\(.*\,.*\*.*\)
logic bug
if\s?\(\s?.*\s?(?<!\!)(?<!=)(?<!<)(?<!>)=(?!=)\s?('|").*('|")\s?\)
location sink
location\.replace
local storage data
localStorage\.
insecure weak random entropy
Math\.random\s?\(
inner html sink
\.innerHTML
eval sink
eval\s?\(
document write sink
document\.write
JSP
xss cross-site scripting cwe-79
\<\%(\s*print|=)\s*request\.get(Parameter|QueryString)\s?\(
xss cross-site scripting cwe-79
out\.println\s*\(\s*request\.get(Parameter|QueryString)\s*\(\s*\"
xss cross-site scripting cwe-79
input.*type=(\"|\')?hidden.*=.*request\.get(Parameter|QueryString)
xss
\<\%=\s*request\.get(?!(Parameter|QueryString)).*\(
xss
\<\%=\s*request\.getParameter\(
xss
\<\%=\s*request\.getQueryString\(
xss
\<\%=\s*request\.(getParameter|getQueryString)\s*\(
weak hash algorithm
\.getInstance\s?\(\s?\"(MD5|SHA-1)\"
stack trace
\.printStackTrace\s?\(
local file inclusion
<jsp:include[^>]*request\.
local file include
(\%\@include[^>]*file\=.*\<\%\=.*|<jsp:include[^>]*)request\.
header injection
\.addHeader\s?\(\s?(\'|\").*(\'|\")\s?,
Objective C
weak hash md5
CC_MD5\s?\(
uuid privacy deprecated
uniqueGlobalDeviceIdentifier
script injection
stringByEvaluatingJavaScriptFromString
log data
NSLog\s?\(
insecure certificate validation cwe-295
AnyHTTPSCertificate
file information_leak injection
\[.*\ writeToFile\s?\:.*\]
cookie session data
\sdateByAddingTimeInterval\s?\:.*\sforKey\s?\:\s?NSHTTPCookieExpires
PHP
xss multiple sinks
(echo(\s*\()?|(print(_r)?|exit|die|printf|vprintf|trigger_error|user_error|odbc_result_all|ovrimos_result_all|ifx_htmltbl_result)\s*\()\s*[^;]*\$_(GET|POST|REQUEST|SERVER|COOKIE)
xss cross-site scripting cwe-79
(echo|print|print_r|exit|die|printf|vprintf).*?\s*\$_((POST|GET)\[.*?\]|SERVER\[.?(REQUEST_URI|QUERY_STRING))
xss cross-site scripting cwe-79
\.\=.*?\s*\$_((POST|GET)\[.*?\]|SERVER\[.?(REQUEST_URI|QUERY_STRING))
weak hash
md5\s?\(
weak encryption algorithm
CRYPT_STD_DES|CRYPT_EXT_DES|CRYPT_MD5
sql injection cwe-89
\"\ *(S|s)(E|e)(L|l)(E|e)(C|c)(T|t)[^"]*"\ *\.\ *\w[^.]*\.\ *\"
sql injection cwe-89
mysql_query\s?\(|mysqli_query\s?\(|pg_execute\s?\(|pg_insert\s?\(|pg_query\s?\(|pg_select\s?\(|pg_update\s?\(|sqlite_query\s?\(|msql_query\s?\(|mssql_query\s?\(|odbc_exec\s?\(|fbsql_query\s?\(|sybase_query\s?\(|ibase_query\s?\(|dbx_query\s?\(|ingres_query\s?\(|ifx_query\s?\(|oci_parse\s?\(|sqlsrv_query\s?\(|maxdb_query\s?\(|db2_exec\s?\(
preg evaluate code
preg_replace\s?\(
obsolete, unsupported
\$HTTP_(SERVER|GET|POST|SESSION|ENV|COOKIE)_VARS|\$HTTP_POST_FILES
object injection cwe-94
unserialize\s?\(
logic bug
if\s?\(\s?.*\s?(?<!\!)(?<!=)(?<!<)(?<!>)=(?!=)\s?('|").*('|")\s?\)
insecure weak random
mt_rand\s?\(|srand\s?\(
insecure weak random
uniqid\s?\(
information_leak info
phpinfo\s?\(|show_source\s?\(|highlight_file\s?\(
header injection
[^a-zA-Z_]header\s?(\(|'|\"|$).+\$.+
header injection
_SERVER\[\s*('|")HTTP_HOST('|")\s*\]
file include require
require\s?(\(|'|\"|$).*\\$.*$
file include require
require_once\s?(\(|'|\"|$).*\\$.*$
file include
include\s?(\(|'|\"|$).*\\$.*$
file include
include_once\s?(\(|'|\"|$).*\\$.*$
deprecated function encryption
mcrypt_cbc\s?\(|mcrypt_cfb\s?\(|mcrypt_ecb\s?\(|mcrypt_ofb\s?\(|mcrypt_encrypt\s?\(
deprecated function encryption
mcrypt_generic_end\s?\(
dangerous function command execution
shell_exec\s?\(
dangerous function command execution
system\s?\(
dangerous function command execution
(?<!curl_)exec\s?\(
dangerous function command execution
popen\s?\(
dangerous function command execution
passthru\s?\(
dangerous function command execution
proc_open\s?\(
dangerous function command execution
pcntl_exec\s?\(
dangerous function command execution
expect_popen\s?\(
dangerous function command execution
^.*\`.*\`.*$
dangerous function code execution
eval\s?\(
dangerous function code execution
assert\s?\(
dangerous function code execution
create_function\s?\(
dangerous function code execution
register_shutdown_function\s?\(
dangerous function code execution
register_tick_function\s?\(
dangerous function code execution
dl\s?\(
Python
unsafe serialization
pickle.loads\s?\(|pickle.load\s?\(|pickle.Unpickler\s?\(|cPickle.loads\s?\(|cPickle.load\s?\(|cPickle.Unpickler\s?\(|marshal.load\s?\(|marshal.loads
unsafe serialization
yaml.load\s?\(
rsa exponent
RSA\.gen_key\s*?\(\s*?[^,]+\s*?,\s*?(1|3)\s*?,
python crypto sha1
(sha\.new\(|from\shashlib\simport\ssha1|hashlib\.sha1\()
python crypto md5
(md5\.new\(|from\shashlib\simport\smd5|hashlib\.md5\()
insecure weak random entropy
random.random\s?\(\s?\)
insecure certificate validation cwe-295
requests\..*\(.*verify\=False
Ruby
ruby on rails arbitrary render path
render\s*(\(|\s)\s*params\s*\[(?!\s*:?['"]?(id|action|controller))
regex input validation bypass
=~\s?\/\^.*\$\/
insecure communication
URI\s?\(\s?(\'|\")\s?http:
eval, ruby
eval(\s*\(|\s+)
dynamic method invoke inject
__send__\s?\(?|send\s?\(|public_send\s?\(
command system injection
system\s?\(
command shell exec
%x\s?[\!\@\#\$\%\^\&\*\(\)\-\`\[\]\{\}\<\>\?\,\.\/].*[\!\@\#\$\%\^\&\*\(\)\-\`\[\]\{\}\<\>\?\,\.\/]
command process exec
open\s?\(
command popen exec
IO\.popen\s?\(
command kernel exec
Kernel\.exec\s?\(
Visual Basic
weak hash algorithm
MD5.Create\s?\(|MD5CryptoServiceProvider|MD5Cng
insecure weak random entropy
Rnd\s?\(