Cobra itself is a white-box scanning framework. As with any other white-box or black-box scanner, the number of vulnerabilities it can find depends on the quality and quantity of your scanning rules. The open-source version of Cobra currently ships only a few test rules for everyone to use. Cobra core contributors will share all of their private scanning rules, and Cobra Online will also open up all of its scanning rules.
If you have a good scan rule, please add it here after creating a Rule Issue.
This chapter is still being completed; please stay tuned!
To learn how to write a scan rule, see: Cobra scan rule writing
Open scan rule list (sorted)
| SSRF | curl |
|---|---|
| Author | Feei |
| Language | PHP |
| Regex location | `curl_setopt\s?\(.*,\s?CURLOPT_URL\s?,(.*)\)` |
| Regex repair | `curl_setopt\s?\(.*,\s?CURLOPT_PROTOCOLS\s?,(.*)\)` |
| TestCase | TODO |
| Repair | WAVR(SSRF) |

| Trojan | eval |
|---|---|
| Author | Feei |
| Language | PHP |
| Regex location | `eval\(base64_decode\(\$_POST\[` |
| Regex repair | None |
| TestCase | TODO |
| Repair | TODO |

| Hard-coded Password | md5 |
|---|---|
| Author | Magerx |
| Language | PHP |
| Regex location | `([\$\w\->]+\s*(?:=\|=>)\s*["'][a-f0-9]{32}\s*["']\s*[;,])` |
| Regex repair | None |
| TestCase | TODO |
| Repair | WAVR(Hard-coded Password) |