Parse ASTs and match patterns #9
Closed
Co-authored-by: script3r <script3r@gmail.com>
This commit expands the API patterns for various cryptographic libraries to improve detection accuracy.
Co-authored-by: script3r <script3r@gmail.com>
…otlin
- Add comprehensive default glob patterns for all supported languages
- Add support for Swift (.swift), Objective-C (.m, .mm, .M), and Kotlin (.kt, .kts)
- Implement glob-based file filtering to only process source files
- Update language detection to handle new file extensions
- Add --patterns CLI argument for specifying patterns file path
- Update README with new language support and performance optimizations
- Optimize file discovery by pre-filtering with glob patterns
Performance improvements:
- Only processes relevant source files, skipping docs/images/binaries
- Significant speedup on large repositories with many non-source files
- Maintains accuracy while reducing unnecessary file processing
- Apply consistent formatting across all Rust files
- Fix line length and spacing issues
- Ensure code follows Rust style guidelines
- Add --progress CLI flag to show progress bar during scanning
- Implement progress callback system in scanner core
- Add indicatif dependency for beautiful progress bars
- Show file count, percentage, and findings count in real-time
- Progress bar displays: [████████████████████████████████████████] 8943/10880 files (82%) | Found 8 findings
- Works with parallel processing using crossbeam channels
- Optional feature - no progress shown by default
- Update README with new --progress flag documentation
Example usage:
cryptofind --progress /path/to/large/project
cryptofind --patterns custom.toml --progress --threads 8 /src
- Apply consistent formatting across all Rust files
- Fix spacing and indentation issues in progress reporting code
- Ensure code follows Rust style guidelines
…r-984e Rust crypto library scanner
- Add 20+ new library patterns across 6 languages
- Enhanced C/C++: MbedTLS, wolfSSL/wolfCrypt, Botan
- Enhanced Java: JCA/JCE, Google Tink, Conscrypt
- Enhanced Go: std crypto, Google Tink
- Enhanced Rust: ring, openssl bindings
- New Swift: CryptoKit, CommonCrypto, CryptoSwift, Swift-Sodium
- New Kotlin: JCA/JCE, BouncyCastle, Korlibs Krypto
- Enhanced PHP: Sodium, phpseclib, Halite
Patterns focus on:
- High precision (low false positives)
- Specific import/include statements
- Distinctive API function names
- Industry-standard libraries
- Modern cryptographic frameworks
Total patterns: 30+ libraries across 10 languages
- Add [version] section to patterns.toml (required by schema)
- Add PyCA cryptography, PyCryptodome, and PyNaCl patterns for Python
- Ensure all integration tests pass with comprehensive pattern coverage
- Maintain backward compatibility with existing fixtures
- Create detector-swift crate for Swift language support
- Create detector-objc crate for Objective-C language support
- Create detector-kotlin crate for Kotlin language support
- Update main Cargo.toml workspace to include new detector crates
- Update CLI Cargo.toml to depend on new detector crates
- Update CLI main.rs to instantiate new detectors
- All tests pass and scanner now supports 10 languages total
Languages now supported:
- C, C++, Java, Go, Rust, Python, PHP (existing)
- Swift, Objective-C, Kotlin (new)
This completes the detector infrastructure for all pattern languages.
- Update README to highlight 10 programming language support
- Add comprehensive detector architecture section listing all detector crates
- Fix Rust compiler warnings:
  - Prefix unused parameters with underscore in scan_optimized trait method
  - Remove unnecessary mut from findings_count variable
- All tests pass with zero warnings
- Documentation now accurately reflects the complete language ecosystem
…r-984e Cursor/rust crypto library scanner 984e
- Create static/ directory with minimal one-page website
- Design inspired by rustup.rs with clean, modern aesthetic
- Features:
  - Gradient background with card-based layout
  - Copy-to-clipboard functionality for code snippets
  - Responsive design for mobile and desktop
  - Language tags showing all 10 supported languages
  - Feature highlights with icons and descriptions
  - Quick start section with installation examples
- Includes index.html, style.css, and README.md
- Website is ready to serve with any static web server
- Tested locally and working correctly
- Remove all colorful gradients and bright colors
- Use clean black and white color scheme
- Background: light gray (#f8f9fa) instead of gradient
- Container: white with simple border instead of shadow
- Headers: pure black (#000) instead of gradient text
- Code blocks: black background with white text
- Language tags: black background instead of blue
- Copy buttons: gray/black instead of blue
- Links: black instead of blue
- Maintains rustup.rs minimal aesthetic
- Tested and working correctly
- Remove feature cards (Fast & Efficient, Low False Positives, Multiple Outputs)
- Add comprehensive example outputs section showing:
  - Table format (default) with realistic data
  - JSONL format with complete finding structure
  - SARIF format with proper security tool format
- Add output format commands to Quick Start section
- All examples are copyable with working copy buttons
- Maintains clean black and white aesthetic
- Shows actual tool capabilities instead of marketing copy
- Tested and working correctly
- Remove SARIF format example and command
- Add patterns.toml configuration examples:
  - Python library (PyCA cryptography) with import and API patterns
  - C/C++ library (OpenSSL) with include and function patterns
- Show how to define library detection rules
- Demonstrate regex patterns for different languages
- All examples are copyable with working copy buttons
- Maintains clean black and white aesthetic
- More practical examples showing tool configuration
- Keep copy button only on the main installation command
- Remove copy buttons from all example output code blocks:
  - Table format example
  - JSONL format example
  - Patterns configuration examples
  - Output format commands
- Cleaner, less cluttered appearance
- Focus copy functionality on the primary installation command
- Maintains clean black and white aesthetic
- Add white-space: pre to prevent text wrapping
- Reduce font size to 0.9rem for better fit
- Improve line height to 1.4 for readability
- Format TOML patterns with proper indentation:
  - Arrays on separate lines with proper indentation
  - Each pattern on its own line
  - Clean, readable structure
- Format JSONL example with proper indentation:
  - Nested objects properly indented
  - Each property on separate line
  - Much more readable than minified JSON
- All code blocks now display properly without wrapping
- Maintains aesthetic appeal while improving readability
- Reduce code block padding from 1.5rem to 1rem 1.5rem (top/bottom, left/right)
- Reduce container padding from 3rem to 2.5rem for better balance
- Reduce install section padding from 2rem to 1.5rem
- More consistent and balanced spacing throughout
- Better visual hierarchy and proportions
- Maintains clean, minimal aesthetic
- Complete rewrite from scratch with clean, minimal design
- Inspired by ghostty.org aesthetic:
  - Clean white background with subtle borders
  - Minimal typography with proper spacing
  - Simple, focused layout
  - No excessive colors or gradients
- New structure:
  - Clean header with logo and tagline
  - Single install section with copy button
  - Feature grid with icons and descriptions
  - Language tags in clean pill format
  - Example outputs with proper formatting
  - Simple footer with essential links
- Improved readability:
  - Better typography hierarchy
  - Consistent spacing throughout
  - Clean code blocks with proper formatting
  - Responsive design for mobile
- Much cleaner and more professional appearance
- Maintains all functionality while improving aesthetics
- Update CLI package name from 'cryptofind' to 'cipherscope'
- Update binary name from 'cryptofind' to 'cipherscope'
- Update CLI command name and help text
- Update README.md to use cipherscope command throughout
- Update main Cargo.toml metadata (authors, homepage, repository)
- Update SARIF example to use 'cipherscope' tool name
- Binary now consistently named 'cipherscope' to match project name
- All documentation and examples now use correct binary name
- Tested: binary builds and runs correctly with new name
- Add Swift fixtures (main.swift):
  - CryptoKit usage (AES-GCM encryption)
  - CommonCrypto usage (SHA-256 hashing)
  - CryptoSwift pattern matching
- Add Objective-C fixtures (main.m):
  - CommonCrypto usage (SHA-256 hashing)
  - OpenSSL usage (EVP API for hashing)
- Add Kotlin fixtures (Main.kt):
  - JCA/JCE usage (AES encryption)
  - BouncyCastle usage (SHA-256 hashing)
  - Korlibs Krypto comments (for future patterns)
- All fixtures test real cryptographic library usage
- Scanner correctly detects all new language fixtures
- Integration tests pass with new fixtures
- Complete test coverage for all 10 supported languages
Update algorithm deduplication logic and regenerate fixture files with new UUIDs and timestamps.
Co-authored-by: script3r <script3r@gmail.com>
…yptographic-bill-of-materials-fad9 Generate minimal viable cryptographic bill of materials
Replaces regex-based pattern matching with AST parsing for more accurate cryptographic library and algorithm detection. Outputs findings in JSONL format.
Co-authored-by: script3r <script3r@gmail.com>
Replace pattern detectors with AST-based ones. Regenerate all ground truths and add a new test to validate them.
Co-authored-by: script3r <script3r@gmail.com>
This commit introduces the ability to load AST patterns from TOML files, enabling more flexible and dynamic configuration of detectors. It also includes necessary dependency updates and refactors related to pattern management.
Co-authored-by: script3r <script3r@gmail.com>
This commit refactors the AST-based detectors to properly load and utilize the PatternRegistry. This allows for more flexible and dynamic pattern management, moving away from hardcoded patterns. The changes include updating the CLI, tests, and the core scanner logic to integrate the registry effectively.
Co-authored-by: script3r <script3r@gmail.com>
This commit adds support for PHP and Swift to the AST detector. It also includes updates to the ground truth data for various languages and libraries.
Co-authored-by: script3r <script3r@gmail.com>
Migrates cryptographic detection to an AST-based approach and simplifies output to JSONL.
This change provides more precise detection of cryptographic libraries and algorithms by understanding code structure via AST parsing, replacing less accurate regex patterns, and offers a simpler, more consumable JSONL output format.
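The description above contrasts AST parsing with regex matching and names JSONL as the output format. The following is an added example, not cipherscope's own code: a minimal AST walker over a constructed Python snippet, next to a naive regex scan, showing the comment and string-literal false positives that regex matching produces and emitting findings as JSONL. The pattern tables, finding fields and sample source are assumptions for illustration.

```python
import ast
import json
import re

# Constructed sample source (not from the project): two real uses of
# cryptographic APIs plus two decoys, one in a comment and one in a string.
SAMPLE = '''\
import hashlib
from cryptography.hazmat.primitives.ciphers import Cipher
# TODO: replace hashlib.md5 with sha256
note = "we used to call hashlib.md5 here"
digest = hashlib.sha256(b"data").hexdigest()
'''

# Hypothetical pattern tables standing in for a patterns.toml:
# module root -> library name, and dotted call -> algorithm name.
LIBRARY_MODULES = {"hashlib": "hashlib", "cryptography": "PyCA cryptography"}
ALGORITHM_CALLS = {"hashlib.md5": "MD5", "hashlib.sha256": "SHA-256"}

def regex_findings(src):
    """Regex over raw text: fires on the comment and the string literal too."""
    return sorted({m.group(0) for m in re.finditer(r"hashlib\.(md5|sha256)", src)})

def ast_findings(src, path="sample.py"):
    """Walk the parsed AST; only real import statements and call nodes count."""
    findings = []
    for node in ast.walk(ast.parse(src)):
        if isinstance(node, (ast.Import, ast.ImportFrom)):
            modules = [a.name for a in node.names] if isinstance(node, ast.Import) else [node.module or ""]
            for module in modules:
                root = module.split(".")[0]
                if root in LIBRARY_MODULES:
                    findings.append({"file": path, "line": node.lineno, "kind": "library", "name": LIBRARY_MODULES[root]})
        elif isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute):
            base = node.func.value
            dotted = f"{base.id}.{node.func.attr}" if isinstance(base, ast.Name) else None
            if dotted in ALGORITHM_CALLS:
                findings.append({"file": path, "line": node.lineno, "kind": "algorithm", "name": ALGORITHM_CALLS[dotted]})
    return findings

def to_jsonl(findings):
    """One JSON object per line, the output format the PR description names."""
    return "\n".join(json.dumps(f, sort_keys=True) for f in findings)

if __name__ == "__main__":
    print("regex matches:", regex_findings(SAMPLE))
    print(to_jsonl(ast_findings(SAMPLE)))
```

The regex scan reports hashlib.md5 from the comment and the string, while the AST walk reports only the genuine import statements and the sha256 call with their line numbers.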