Code Injection Detector

Description

Code injection remains one of the top vulnerabilities in computer programs, but conventional mitigations (static analysis, fuzzing, machine learning) rely mostly on known software flaws or empirical analysis. A great deal of possible injections remains undetected and prime targets for attackers. A team of researchers have developed a formal verification approach that can check and list all unsafe functions/methods in a source code.

Applications

  • Software Scanning
  • Static code analysis