@Semmle
SF | NYC | Seattle | Oxford | Copenhagen | Valencia
A code analysis platform for finding zero-days and automating variant analysis | Creators of QL and @LGTM

410 Tweets | 21 Following | 1,811 Followers

Tweets

Semmle Retweeted
GitHub Security Lab
@GHSecurityLab
Dec 2
ICYMI: We're running a CTF until December 31st. Write a CodeQL query to find a specific class of DOM-based XSS vulns. The 2 best submissions will win Nintendo Switches, and 10 additional entries will receive coupons that can be used for GitHub Swag.
securitylab.github.com/ctf/jquery

Semmle Retweeted
GitHub Security Lab
@GHSecurityLab
Nov 25
We've just launched a new Slack workspace for anyone interested in being part of the mission to secure the open source software we all depend on. ghsecuritylab.slack.com
If you'd like to receive an invitation to join the workspace, send us a DM with your email address.

Semmle Retweeted
GitHub Security Lab
@GHSecurityLab
Nov 17
Yesterday we had our first GitHub Security Meetup, with lightning talks by @kevin_backhouse @Nosoynadiemas @agustingianni and Abishek Arya (Google). But also with exciting discussions with security folks. Thanks to all attendees and others: stay tuned for the next one in January. twitter.com/nicowaisman/st…

Semmle Retweeted
GitHub Security Lab
@GHSecurityLab
Nov 15
Learn how our security researcher @nicowaisman found wireless vulnerabilities in the Linux Kernel, and variants, thanks to CodeQL: securitylab.github.com/research/anato…

Semmle Retweeted
GitHub Security Lab
@GHSecurityLab
Nov 15
Want to challenge your vulnerability hunting skills? Try our latest Capture The Flag and discover XSS-unsafe jQuery plugins: securitylab.github.com/ctf/jquery

Semmle Retweeted
GitHub Security Lab
@GHSecurityLab
Nov 14
Check out the GitHub Security Lab bounty program! securitylab.github.com/bounties. Write a query, find bugs, get rewarded.

Semmle
@Semmle
Nov 14
Welcome to the GitHub Security Lab @GHSecurityLab! Join us and contribute to secure the world's code! Visit securitylab.github.com

Semmle
@Semmle
Oct 21
Want to learn more about QL and how you can use it to find variants of vulnerabilities in your code? Join us for our Semmle User Group this Wednesday night at Mozilla. See the event details for more information.
meetup.com/Semmle-San-Fra…

Semmle
@Semmle
Oct 16
Semmle security researcher @kevin_backhouse discloses another integer overflow vulnerability in libssh2, which could potentially lead to information disclosure blog.semmle.com/libssh2-intege…

Semmle
@Semmle
Oct 4
Wondering how @fjserna found 13 CVEs in U-boot? Watch his #BlackHat presentation "Using One Exploitable Zero-Day to Eradicate an Entire Class of Vulnerabilities" on-demand: hubs.ly/H0l0c_V0

Semmle
@Semmle
Oct 3
Is your code VUCA (Volatile, Uncertain, Complex, Ambiguous)? Let's see how the OODA Loops theory inspires our code review practices. hubs.ly/H0l0c_y0

Semmle Retweeted
Fermin J. Serna
@fjserna
Oct 3
Join us today for some @Semmle fun and examples of finding vulnerabilities! Let's democratize security twitter.com/Semmle/status/…

Semmle
@Semmle
Oct 2
In this video, @kevin_backhouse discusses the libssh2 integer overflows and out-of-bounds read he recently discovered. See how it can be triggered by connecting to a malicious ssh server hubs.ly/H0l094z0

Semmle
@Semmle
Oct 2
Imagine if your dev team could have automated code review powered by security expertise? Tomorrow, join @oegerikus and @fjserna to see how community-powered security can become a part of the developer’s workflow. hubs.ly/H0l092P0

Semmle Retweeted
Nico Waisman
@nicowaisman
Sep 30
Thanks to everyone that attended my QL workshop at #Ekoparty!
Here is some of the material covered during the workshop:
github.com/nicowaisman/QL…

Semmle
@Semmle
Oct 1
Are unit tests really effective in preventing bugs? We analyzed over 50k LGTM projects in Java, Python, and JavaScript to find out. hubs.ly/H0l17-D0

Semmle Retweeted
LGTM
@LGTM
Oct 1
Now in beta! LGTM is supporting Golang and we have some projects that you can explore. Check them out and suggest others you'd like us to analyze. hubs.ly/H0l167w0

Semmle Retweeted
Sam Lanning 🇬🇧🇪🇺
@samlanning
Sep 28
Awesome meeting and hanging out with our CTF winner @l4wio at @owasp #GlobalAppSec blog.semmle.com/ctf-winners/ pic.twitter.com/bIGeJoryNR

Semmle
@Semmle
Sep 30
.@mmolgtm takes a deep dive into past Android #deserialization vulnerabilities that exploited C++ pointers wrapped inside Java objects. hubs.ly/H0k_Nrz0

Semmle Retweeted
Sam Lanning 🇬🇧🇪🇺
@samlanning
Sep 27
Was super fun speaking at @owasp #GlobalAppSec Amsterdam! Thanks to everyone who attended! twitter.com/KatyAnton/stat…