Joined June 2020
- Tweets 29
- Following 50
- Followers 760
- Likes 8
3 Photos and videos
11 Nov 2021
For your convenience, you can now dump a syntax-highlighted version of the ghidra decompiler output directly on the joern shell. (joern-1.1.313) - github.com/joernio/joern
17
88
8 Nov 2021
Today we release a new default C/C frontend. The frontend is based on Eclipse CDT, handles modern C and the preprocessor and does NOT require a working build environment. Enjoy! github.com/joernio/joern/pul…
14
57
8 Oct 2021
Bringing you some ridiculously effective micro-optimizations for calculation of the data dependence graph: github.com/joernio/joern/pul… - about 2x :)
1
6
21
18 Sep 2021
Psst. Joern 1.1.221 ships with a beta version of a new C/C frontend based on Eclipse CDT - out of the box handling of the preprocessor (including macro expansions), improved handling of templates and lambdas, more type information. Try out `importCode.newc("/path/to/code")`
8
20
Joern - the tool retweeted
31 Jul 2021
For not open source, try @joernio . I've had a good amount of success with this so far.
2
4
Joern - the tool retweeted
16 Jun 2021
Happy to present a first draft of the Code Property Graph Specification 1.1: cpg.joern.io/
19
34
Joern - the tool retweeted
29 May 2021
Updated my posts about @joernio to work with the newer API and with the the super cool inter-procedural data-flow analysis support.
jaiverma.github.io/blog/joer…
jaiverma.github.io/blog/joer…
9
33
27 May 2021
Joern will be presented at BlackHat Arsenal this summer: blackhat.com/us-21/arsenal/s…
14
70
Joern - the tool retweeted
11 May 2021
We automatically identified a buffer overflow in VLC's updater (again) using `joern-scan`. Fixed in most recent release. Here is the write-up: joern.io/blog/vlc-automatic-…
71
193
22 Apr 2021
And we forgot to click on "Set this link to never expire".. Please use this (permanent) link if you haven't joined us yet! discord.gg/vv4MH284Hc
14 Apr 2021
Interesting post from @Forescout on how to find bugs (RCE/DoS) in DNS implementations
forescout.com/company/blog/f…
- and they share their joern queries
github.com/Forescout/namewre…
5
18
7 Apr 2021
At this year's @NorthSec_io, @tuxology and @vickieli7 will be giving a workshop on building DIY static code analyzers with joern! nsec.io/session/2021-diy-sta…
1
8
33
1 Mar 2021
You can now use the Joern code querying engine for LLVM Bitcode! blog.llvm.org/posts/2021-02-… - Many thanks to @1101_debian of ShiftLeft for this contribution!
13
47
8 Feb 2021
Joern now supports querying Java bytecode! Many thanks to @SDBakerEffendi who has kindly integrated his Plume code property graph generator with the platform. Read his post here: joern.io/blog/plume-brings-j…
16
41
17 Jan 2021
Find realloc-related memory leaks:
cpg.call("realloc").filter(call => call.inAssignment.target.code.exists(_ == call.argument(1).code)).dump
15
39
3 Jan 2021
If you're looking for an adrenaline rush, you can now `curl -L github.com/ShiftLeftSecurity… | bash`. Use `sudo` for greater impact and `--reinstall` for `rm -rf` action #YOLO
1
1
5
Joern - the tool retweeted
3 Jan 2021
Awesome! And an impressive proportion of the bugs too with 67% versus 33% by fuzzing.
1
4
Joern - the tool retweeted
3 Jan 2021
Great to see the Joern code querying engine (github.com/ShiftLeftSecurity…) as the static bug hunting tool of choice for uncovering the Amnesia:33 TCP/IP stack vulns! forescout.com/company/resour…
1
11
62
Joern - the tool retweeted
24 Nov 2020
Wrote a little blogpost visualizing program structure characteristics for 12 million lines of code using @joernio and the Code Property Graph blog.shiftleft.io/visualizin…
10
22