CodeCat is an open-source tool to help you find/track user input sinks and security bugs using static code analysis. These points follow regex rules. Current rules for C,C++,GO, Python, javascript, Swift, PHP, Ruby, ASP, Kotlin, Dart and Java.(you can create your rules).
Go to CodeCat directory, install backend and frontend libs:
$ apt install python3-venv python3-dev libffi-dev rustc libssl-dev
$ python3 -m venv .venv
$ . .venv/bin/activate
$ pip install wheel
$ pip install -r Frontend/requirements.txt
$ pip install -r Backend/requirements.txt
Run backend and frontend
$ cd Codecat
$ cd Frontend; python3 wsgi.py &
$ cd ..
$ cd Backend; python3 wsgi.py &
Next step you need save your user to login:
$ curl -i -X POST -H “Content-Type: application/json” -d ‘{“email”:”admin2@test.com”,”username”:”admin”,”password”:”rubrik123″}’ https://127.0.0.1:50001/api/users -k
These endpoint /API/users run only once in the first deployment. If you try to send a request again to insert a user, the endpoint return 404 is security to block resources of possible attacks.
Go to the following “https://127.0.0.1:50093/front/auth/”. Now you can enter this system-auth, use login “admin”, pass “rubrik123”.
Note About TLS: You can configure and load your TLS cert in “wsgi.py”.
Suppose you need to run in production. So I recommend another way.
$ gunicorn -b 127.0.0.1:50001 wsgi:app
If you want, you can use TLS with CERT resources:
$ gunicorn –certfile=server.crt –keyfile=server.key -b 127.0.0.1:50001 wsgi:app
The same command to frontend, but you need to use port 50093.
Tools and packages that are used for countering forensic activities, including encryption, steganography, and anything…
Avilla Forensics is located in first place in the award international Forensics 4:Cast, in the…
Comprehensive guide to leveraging Google Chrome's extensions for Open-Source Intelligence (OSINT) tasks. In this article,…
Embark on a journey into the realm of digital forensics with our exploration of 'Analisi-Digital-Forense.…
The intersection of intelligence, investigation, and mobility. In this comprehensive guide, we delve into the…
Tookie-osint has a simple-to-use UI and is really straightforward. The main idea of Tookie-osint is…