mirror of https://github.com/carlospolop/hacktricks synced 2025-02-20 16:08:27 +00:00

Translated ['network-services-pentesting/pentesting-web/code-review-tool

This commit is contained in:
Translator 2024-09-27 11:28:12 +00:00
parent f7189cfa8f
commit 78e9df600f


@ -1,8 +1,8 @@
# Mapitio ya Msimbo wa Chanzo / Zana za SAST
{% hint style="success" %}
Jifunze na fanya mazoezi ya AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
Jifunze na fanya mazoezi ya AWS Hacking:<img src="../../.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../.gitbook/assets/arte.png" alt="" data-size="line">\
Jifunze na fanya mazoezi ya GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
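Review bot: the switch from `/.gitbook/assets/arte.png` to `../../.gitbook/assets/arte.png` ties the banner to this file's depth (two directories below the repo root, which matches `network-services-pentesting/pentesting-web/`), so the four image paths break silently if the page is ever moved, whereas the root-relative form did not depend on location. Separately, on both the old and the new GRTE line the second `<img>` sits inside the link text (`[**HackTricks Training GCP Red Team Expert (GRTE)**<img ...>](...)`) while on the ARTE line it sits outside the link; since the hunk already rewrites both lines, make the two consistent.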
@ -222,7 +222,7 @@ echo $FINAL_MSG
Unaweza kuona matokeo katika [**https://microsoft.github.io/sarif-web-component/**](https://microsoft.github.io/sarif-web-component/) au kutumia nyongeza ya VSCode [**SARIF viewer**](https://marketplace.visualstudio.com/items?itemName=MS-SarifVSCode.sarif-viewer).
Unaweza pia kutumia [**nyongeza ya VSCode**](https://marketplace.visualstudio.com/items?itemName=GitHub.vscode-codeql) kupata matokeo ndani ya VSCode. Bado utahitaji kuunda database kwa mikono, lakini kisha unaweza kuchagua faili zozote na kubonyeza `Right Click` -> `CodeQL: Run Queries in Selected Files`
Pia unaweza kutumia [**nyongeza ya VSCode**](https://marketplace.visualstudio.com/items?itemName=GitHub.vscode-codeql) kupata matokeo ndani ya VSCode. Bado utahitaji kuunda database kwa mikono, lakini kisha unaweza kuchagua faili zozote na kubonyeza `Right Click` -> `CodeQL: Run Queries in Selected Files`
### [**Snyk**](https://snyk.io/product/snyk-code/)
@ -267,7 +267,7 @@ $ tar -xf insider_2.1.0_linux_x86_64.tar.gz
$ chmod +x insider
$ ./insider --tech javascript --target <projectfolder>
```
### [**DeepSource**](https://deepsource.com/pricing)&#x20;
### [**DeepSource**](https://deepsource.com/pricing)
Bila malipo kwa **repo za umma**.
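Review bot: dropping the trailing `&#x20;` from the DeepSource heading is correct; the entity is a GitBook export artifact that renders as a trailing space in the heading and its generated anchor. Worth grepping the rest of the file for the same `&#x20;` residue so it is fixed in one pass rather than heading by heading.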
@ -279,7 +279,10 @@ Bila malipo kwa **repo za umma**.
brew install yarn
# Run
cd /path/to/repo
yarn audit
yarn install
yarn audit # In lower versions
yarn npm audit # In 2+ versions
npm audit
```
* **`pnpm`**
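Review bot: adding `yarn install` before `yarn audit` runs every dependency's `preinstall`/`postinstall` lifecycle script from a repository that is being audited precisely because it is not yet trusted. Neither `yarn audit` (Yarn 1.x) nor `yarn npm audit` (Yarn 2+) needs `node_modules`; both read the lockfile, so either drop the install or make it `yarn install --ignore-scripts` (Yarn 1.x) / `yarn install --mode=skip-build` (Yarn 2+). The comments `# In lower versions` / `# In 2+ versions` should name the versions (Yarn 1.x classic vs Yarn 2+/Berry) so readers know which command applies to their lockfile. The `npm audit` line kept from the old text requires a `package-lock.json`; in a repo that ships only `yarn.lock` it exits with `ENOLOCK`, which is worth a comment next to it.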
@ -288,9 +291,10 @@ npm audit
npm install -g pnpm
# Run
cd /path/to/repo
pnpm install
pnpm audit
```
* [**nodejsscan**](https://github.com/ajinabraham/nodejsscan)**:** Skana wa usalama wa msimbo wa statiki (SAST) kwa programu za Node.js unaotumiwa na [libsast](https://github.com/ajinabraham/libsast) na [semgrep](https://github.com/returntocorp/semgrep).
* [**nodejsscan**](https://github.com/ajinabraham/nodejsscan)**:** Skana wa usalama wa msimbo wa statiki (SAST) kwa programu za Node.js zinazotumiwa na [libsast](https://github.com/ajinabraham/libsast) na [semgrep](https://github.com/returntocorp/semgrep).
```bash
# Install & run
docker run -it -p 9090:9090 opensecurity/nodejsscan:latest
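Review bot: the nodejsscan sentence now says the wrong thing. Changing `unaotumiwa` to `zinazotumiwa` moves the relative clause from the scanner (`Skana`, class 3 agreement) to the applications (`programu za Node.js`, class 10), so the translation reads as "Node.js applications powered by libsast and semgrep" instead of the upstream meaning, a scanner powered by libsast and semgrep; the old `unaotumiwa` was the correct agreement and should be restored. The new `pnpm install` has the same lifecycle-script concern as the yarn hunk: `pnpm audit` reads `pnpm-lock.yaml` and does not need an install first, and if the install stays it should be `pnpm install --ignore-scripts`. In the unchanged context, `docker run -it -p 9090:9090 ...` binds the nodejsscan UI on all interfaces; `-p 127.0.0.1:9090:9090` keeps it local.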
@ -311,7 +315,7 @@ retire --colors
## Python
* [**Bandit**](https://github.com/PyCQA/bandit)**:** Bandit ni chombo kilichoundwa kutafuta masuala ya kawaida ya usalama katika msimbo wa Python. Ili kufanya hivyo, Bandit inachakata kila faili, inajenga AST kutoka kwake, na inatekeleza nyongeza zinazofaa dhidi ya voz nodes za AST. Mara Bandit inapokamilisha skanning ya faili zote, inazalisha ripoti.
* [**Bandit**](https://github.com/PyCQA/bandit)**:** Bandit ni chombo kilichoundwa kutafuta masuala ya kawaida ya usalama katika msimbo wa Python. Ili kufanya hivyo, Bandit inachakata kila faili, inajenga AST kutoka kwake, na inatekeleza nyongeza zinazofaa dhidi ya voz nodes za AST. Mara Bandit inapokamilisha skanning ya faili zote, inaunda ripoti.
```bash
# Install
pip3 install bandit
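Review bot: `inazalisha ripoti` to `inaunda ripoti` is a synonym swap with no change in meaning, but both the old and the new Bandit line keep the stray token `voz` in "dhidi ya voz nodes za AST"; it is neither Swahili nor English and reads as untranslated residue of the upstream "against the AST nodes", so fix it here while the line is being edited ("dhidi ya nodes za AST").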
@ -319,14 +323,14 @@ pip3 install bandit
# Run
bandit -r <path to folder>
```
* [**safety**](https://github.com/pyupio/safety): Safety inakagua utegemezi wa Python kwa ajili ya udhaifu wa usalama unaojulikana na inapendekeza marekebisho sahihi kwa udhaifu ulio gundulika. Safety inaweza kuendeshwa kwenye mashine za waendelezaji, katika mchakato wa CI/CD na kwenye mifumo ya uzalishaji.
* [**safety**](https://github.com/pyupio/safety): Safety inakagua utegemezi wa Python kwa udhaifu wa usalama unaojulikana na inapendekeza marekebisho sahihi kwa udhaifu ulio gundulika. Safety inaweza kuendeshwa kwenye mashine za waendelezaji, katika mchakato wa CI/CD na kwenye mifumo ya uzalishaji.
```bash
# Install
pip install safety
# Run
safety check
```
* [~~**Pyt**~~](https://github.com/python-security/pyt): Haijashughulikiwa.
* [~~**Pyt**~~](https://github.com/python-security/pyt): Haijatunzwa.
## .NET
```bash
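Review bot: `Haijatunzwa` (unmaintained) is the right correction for the Pyt note, and `kwa ajili ya udhaifu` to `kwa udhaifu` reads better. Two things in the surrounding context deserve attention while this block is open: `safety check` is the deprecated entry point in Safety 3.x, which replaced it with `safety scan` (and expects `safety auth login` first), so the example will print a deprecation warning on a fresh install; and `pip install safety` sits a few lines below `pip3 install bandit`, so pick one interpreter spelling for the whole Python section.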
@ -393,7 +397,7 @@ https://github.com/securego/gosec
1. Burp:
* Spider na gundua maudhui
* Sitemap > filter
* Sitemap > bonyeza-kulia kwenye domain > Zana za ushirikiano > Pata scripts
* Sitemap > bonyeza kulia kwenye domain > Zana za ushirikiano > Tafuta scripts
2. [WaybackURLs](https://github.com/tomnomnom/waybackurls):
* `waybackurls <domain> |grep -i "\.js" |sort -u`
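Review bot: `Pata scripts` to `Tafuta scripts` is a better verb for "Find", but the Burp menu labels are English in the UI ("Engagement tools" > "Find scripts"), and `Zana za ushirikiano` back-translates to "collaboration tools", which a reader will not find in the Sitemap context menu. Keep the UI labels in English, optionally with a Swahili gloss in parentheses, so they can be matched against the menu. In the unchanged context, `grep -i "\.js"` also matches `.json`, `.jsx` and any query string containing `.js`; `grep -iE '\.js(\?|$)'` narrows it to script URLs.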
@ -415,35 +419,35 @@ https://github.com/securego/gosec
* Tumia [JS Miner](https://github.com/PortSwigger/js-miner) kutafuta.
* Hakikisha skana hai inafanywa.
* Soma '[Tips/Notes](https://github.com/minamo7sen/burp-JS-Miner/wiki#tips--notes)'
* Ikiwa zimepatikana, tumia [Maximize](https://www.npmjs.com/package/maximize) kuondoa obfuscation.
* Ikiwa imepatikana, tumia [Maximize](https://www.npmjs.com/package/maximize) kuondoa obfuscation.
2. Bila .map files, jaribu JSnice:
* Marejeleo: [http://jsnice.org/](http://jsnice.org/) & [https://www.npmjs.com/package/jsnice](https://www.npmjs.com/package/jsnice)
* Vidokezo:
* Ikiwa unatumia jsnice.org, bonyeza kwenye kitufe cha chaguo kilicho karibu na kitufe cha "Nicify JavaScript", na uondoe "Infer types" ili kupunguza machafuko katika msimbo.
* Hakikisha huacha mistari yoyote tupu kabla ya script, kwani inaweza kuathiri mchakato wa kuondoa obfuscation na kutoa matokeo yasiyo sahihi.
4. Kwa baadhi ya mbadala za kisasa zaidi kwa JSNice, unaweza kutaka kuangalia yafuatayo:
* Ikiwa unatumia jsnice.org, bonyeza kitufe cha chaguzi kilicho karibu na kitufe cha "Nicify JavaScript", na uondoe "Infer types" ili kupunguza machafuko katika msimbo.
* Hakikisha huachi mistari yoyote ya tupu kabla ya script, kwani inaweza kuathiri mchakato wa kuondoa obfuscation na kutoa matokeo yasiyo sahihi.
3. Kwa baadhi ya mbadala za kisasa zaidi kwa JSNice, unaweza kutaka kuangalia yafuatayo:
* [https://github.com/pionxzh/wakaru](https://github.com/pionxzh/wakaru)
* > Javascript decompiler, unpacker na unminify toolkit
> Wakaru ni decompiler ya Javascript kwa frontend ya kisasa. Inarejesha msimbo wa asili kutoka kwa chanzo kilichofungwa na kilichotranspiled.
* > Javascript decompiler, unpacker na unminify toolkit Wakaru ni decompiler ya Javascript kwa frontend ya kisasa. Inarejesha msimbo wa asili kutoka kwa chanzo kilichofungwa na kilichotranspiled.
* [https://github.com/j4k0xb/webcrack](https://github.com/j4k0xb/webcrack)
* > Deobfuscate obfuscator.io, unminify na unpack bundled javascript
* > Deobfuscate obfuscator.io, unminify na unpack javascript iliyofungwa
* [https://github.com/jehna/humanify](https://github.com/jehna/humanify)
* > Un-minify Javascript code using ChatGPT
> Zana hii inatumia mifano mikubwa ya lugha (kama ChatGPT & llama2) na zana nyingine kuondoa un-minify Javascript code. Kumbuka kwamba LLMs hazifanyi mabadiliko yoyote ya muundo zinatoa tu vidokezo vya kubadilisha majina ya mabadiliko na kazi. Kazi nzito inafanywa na Babel kwenye kiwango cha AST ili kuhakikisha msimbo unabaki sawa 1-1.
* > Un-minify Javascript code kwa kutumia ChatGPT Zana hii inatumia mifano mikubwa ya lugha (kama ChatGPT & llama2) na zana nyingine kuondoa un-minify Javascript code. Kumbuka kwamba LLMs hazifanyi mabadiliko yoyote ya muundo zinatoa tu vidokezo vya kubadilisha majina ya mabadiliko na kazi. Kazi nzito inafanywa na Babel kwenye kiwango cha AST ili kuhakikisha msimbo unabaki sawa.
* [https://thejunkland.com/blog/using-llms-to-reverse-javascript-minification.html](https://thejunkland.com/blog/using-llms-to-reverse-javascript-minification.html)
* > Kutumia LLMs kubadilisha majina ya mabadiliko ya Javascript
3. Tumia `console.log()`;
* Tafuta thamani ya kurudi mwishoni na ibadilishe kuwa `console.log(<packerReturnVariable>);` ili js iliyondolewa obfuscation iweze kuchapishwa badala ya kutekelezwa.
* Kisha, bandika js iliyobadilishwa (na bado imefichwa) kwenye [https://jsconsole.com/](https://jsconsole.com/) ili kuona js iliyondolewa obfuscation ikichapishwa kwenye console.
* Mwishowe, bandika matokeo yaliyondolewa obfuscation kwenye [https://prettier.io/playground/](https://prettier.io/playground/) ili kuipamba kwa uchambuzi.
* **Kumbuka**: Ikiwa bado unaona js iliyofungwa (lakini tofauti), inaweza kuwa imefungwa kwa njia ya kurudi. Rudia mchakato.
* **Kumbuka**: Ikiwa bado unaona js iliyofungwa (lakini tofauti), inaweza kuwa imefungwa kwa kurudi. Rudia mchakato.
#### References
* [YouTube: DAST - Javascript Dynamic Analysis](https://www.youtube.com/watch?v=_v8r_t4v6hQ)
* [YouTube: DAST - Javascript Dynamic Analysis](https://www.youtube.com/watch?v=\_v8r\_t4v6hQ)
* [https://blog.nvisium.com/angular-for-pentesters-part-1](https://web.archive.org/web/20221226054137/https://blog.nvisium.com/angular-for-pentesters-part-1)
* [https://blog.nvisium.com/angular-for-pentesters-part-2](https://web.archive.org/web/20230204012439/https://blog.nvisium.com/angular-for-pentesters-part-2)
* [devalias](https://twitter.com/_devalias)'s [GitHub Gists](https://gist.github.com/0xdevalias):
* [devalias](https://twitter.com/\_devalias)'s [GitHub Gists](https://gist.github.com/0xdevalias):
* [Deobfuscating / Unminifying Obfuscated Web App Code](https://gist.github.com/0xdevalias/d8b743efb82c0e9406fc69da0d6c6581#deobfuscating--unminifying-obfuscated-web-app-code)
* [Reverse Engineering Webpack Apps](https://gist.github.com/0xdevalias/8c621c5d09d780b1d321bfdb86d67cdd#reverse-engineering-webpack-apps)
* [etc](https://gist.github.com/search?q=user:0xdevalias+javascript)
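Review bot: renumbering the "alternatives to JSNice" item from `4.` to `3.` leaves two items numbered `3.` (this one and `3. Tumia console.log()` right below it); Markdown renders ordered lists sequentially so the page still displays 1-4, but the source should number `console.log()` as `4.` in the same change. Merging each two-line blockquote into a single `* >` line drops the break between the tool's tagline and its description, so the Wakaru entry now reads "...unminify toolkit Wakaru ni decompiler..." and the humanify entry "...kwa kutumia ChatGPT Zana hii inatumia..."; keep the second `>` line or at least a separating full stop. In the humanify entry, "unabaki sawa 1-1" to "unabaki sawa" drops the upstream claim that the code stays 1-1 equivalent, and "kuondoa un-minify" is redundant (remove plus un-minify); "ku-unminify" or "kuondoa minification" says it once. `Ikiwa zimepatikana` to `Ikiwa imepatikana` is a regression: the referent is the `.map` files (plural, `faili`), so the plural `zimepatikana` was the correct agreement. The escaped URLs `\_v8r\_t4v6hQ` and `twitter.com/\_devalias` render correctly on GitHub/GitBook because CommonMark honours backslash escapes in link destinations, but the escape is unnecessary (no emphasis can open inside a destination) and anyone copying the URL from the raw file gets the backslashes; the unescaped old lines were the safer form.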
@ -460,8 +464,8 @@ https://github.com/securego/gosec
* [https://github.com/jshint/jshint/](https://github.com/jshint/jshint/)
{% hint style="success" %}
Learn & practice AWS Hacking:<img src="/.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="/.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="/.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="/.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
Learn & practice AWS Hacking:<img src="../../.gitbook/assets/arte.png" alt="" data-size="line">[**HackTricks Training AWS Red Team Expert (ARTE)**](https://training.hacktricks.xyz/courses/arte)<img src="../../.gitbook/assets/arte.png" alt="" data-size="line">\
Learn & practice GCP Hacking: <img src="../../.gitbook/assets/grte.png" alt="" data-size="line">[**HackTricks Training GCP Red Team Expert (GRTE)**<img src="../../.gitbook/assets/grte.png" alt="" data-size="line">](https://training.hacktricks.xyz/courses/grte)
<details>
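Review bot: this is the same `../../.gitbook/assets/` path change as in the header hunk and carries the same move-sensitivity and the same `<img>`-inside-link asymmetry on the GRTE line. In addition, this footer banner is still in English ("Learn & practice AWS Hacking") while the header at the top of the same file was translated ("Jifunze na fanya mazoezi ya AWS Hacking"); since both blocks are touched by this commit, translate the footer too so the two banners match.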