README
¶
Amazon Q Detector Examples
Amazon Q is an AWS service that uses program analysis and machine learning to detect potential defects that are difficult for developers to find and offers suggestions for improvement. For more information about how to set up and use Q, see the Amazon Q User Guide.
This repo demonstrates some of Q's supported languages detectors. For more descriptions of each detector, see our Detector Library.
PLEASE NOTE: This repo is for demonstration purpose only. It is meant to educate people about 'security flaws'. The code examples contain vulnerable code and should not be used for real-word purposes.
Getting Help
Use the community resources below for getting help with AWS Q.
- Use GitHub issues to report bugs and request features.
- Open a support ticket with AWS Support.
- For contributing guidelines, refer to CONTRIBUTING.
Contributing
See CONTRIBUTING for more information.
License
This project is licensed under the MIT-0 License. See the LICENSE file.
Directories
¶
| Path | Synopsis |
|---|---|
|
golang
|
|
|
src/detectors/go-avoid-alert-dialog
command
{fact rule=go-avoid-alert-dialog@v1.0 defects=0}
|
{fact rule=go-avoid-alert-dialog@v1.0 defects=0} |
|
src/detectors/go-aws-unchecked-batch-failures
command
{fact rule=go-aws-unchecked-batch-failures@v1.0 defects=0}
|
{fact rule=go-aws-unchecked-batch-failures@v1.0 defects=0} |
|
src/detectors/go-bind-to-all-interfaces
command
{fact rule=go-bind-to-all-interfaces@v1.0 defects=0}
|
{fact rule=go-bind-to-all-interfaces@v1.0 defects=0} |
|
src/detectors/go-code-injection
command
{fact rule=go-code-injection@v1.0 defects=0}
|
{fact rule=go-code-injection@v1.0 defects=0} |
|
src/detectors/go-concatenation-sql-injection
command
{fact rule=go-concatenation-sql-injection@v1.0 defects=0}
|
{fact rule=go-concatenation-sql-injection@v1.0 defects=0} |
|
src/detectors/go-cross-site-scripting-ide
command
{fact rule=go-cross-site-scripting-ide@v1.0 defects=0}
|
{fact rule=go-cross-site-scripting-ide@v1.0 defects=0} |
|
src/detectors/go-decompression-bomb
command
{fact rule=go-decompression-bomb@v1.0 defects=0}
|
{fact rule=go-decompression-bomb@v1.0 defects=0} |
|
src/detectors/go-deprecated-get-configuration
command
{fact rule=go-deprecated-get-configuration@v1.0 defects=0}
|
{fact rule=go-deprecated-get-configuration@v1.0 defects=0} |
|
src/detectors/go-dir-traversal
command
{fact rule=go-dir-traversal@v1.0 defects=0}
|
{fact rule=go-dir-traversal@v1.0 defects=0} |
|
src/detectors/go-file-read-taint
command
{fact rule=go-file-read-taint@v1.0 defects=0}
|
{fact rule=go-file-read-taint@v1.0 defects=0} |
|
src/detectors/go-hardcoded-credentials
command
{fact rule=go-hardcoded-credentials@v1.0 defects=0}
|
{fact rule=go-hardcoded-credentials@v1.0 defects=0} |
|
src/detectors/go-hardcoded-secrets-basic-ide
command
{fact rule=go-hardcoded-secrets-basic-ide@v1.0 defects=0}
|
{fact rule=go-hardcoded-secrets-basic-ide@v1.0 defects=0} |
|
src/detectors/go-hardcoded-secrets-library-ide
command
{fact rule=go-hardcoded-secrets-library-ide@v1.0 defects=0}
|
{fact rule=go-hardcoded-secrets-library-ide@v1.0 defects=0} |
|
src/detectors/go-integer-overflow
command
{fact rule=go-integer-overflow@v1.0 defects=0}
|
{fact rule=go-integer-overflow@v1.0 defects=0} |
|
src/detectors/go-jwt-parse-unverified
command
{fact rule=go-jwt-parse-unverified@v1.0 defects=0}
|
{fact rule=go-jwt-parse-unverified@v1.0 defects=0} |
|
src/detectors/go-log-injection-ide
command
{fact rule=go-log-injection-ide@v1.0 defects=0}
|
{fact rule=go-log-injection-ide@v1.0 defects=0} |
|
src/detectors/go-no-sql-injection-ide
command
{fact rule=go-no-sql-injection-ide@v1.0 defects=0}
|
{fact rule=go-no-sql-injection-ide@v1.0 defects=0} |
|
src/detectors/go-path-traversal
command
{fact rule=go-path-traversal@v1.0 defects=0}
|
{fact rule=go-path-traversal@v1.0 defects=0} |
|
src/detectors/go-sql-injection-ide
command
{fact rule=go-sql-injection-ide@v1.0 defects=0}
|
{fact rule=go-sql-injection-ide@v1.0 defects=0} |
|
src/detectors/go-ssrf
command
{fact rule=go-ssrf@v1.0 defects=0}
|
{fact rule=go-ssrf@v1.0 defects=0} |
|
src/detectors/go-subproc
command
{fact rule=go-subproc@v1.0 defects=0}
|
{fact rule=go-subproc@v1.0 defects=0} |
|
src/detectors/go-unsafe
command
{fact rule=go-unsafe@v1.0 defects=0}
|
{fact rule=go-unsafe@v1.0 defects=0} |
|
src/detectors/go-unsafe-deserialization
command
{fact rule=go-unsafe-deserialization@v1.0 defects=0}
|
{fact rule=go-unsafe-deserialization@v1.0 defects=0} |
|
src/detectors/go-weak-crypto
command
{fact rule=go-weak-crypto@v1.0 defects=0}
|
{fact rule=go-weak-crypto@v1.0 defects=0} |
|
src/detectors/go-weak-rand-source
command
{fact rule=go-weak-rand-source@v1.0 defects=0}
|
{fact rule=go-weak-rand-source@v1.0 defects=0} |
|
src/detectors/go-wrong-clean-usage
command
{fact rule=go-wrong-clean-usage@v1.0 defects=0}
|
{fact rule=go-wrong-clean-usage@v1.0 defects=0} |
|
src/detectors/go-ziparchive
command
{fact rule=go-ziparchive@v1.0 defects=0}
|
{fact rule=go-ziparchive@v1.0 defects=0} |
|
src/detectors/multilanguage-avoid-hardcoded-dns
command
{fact rule=multilanguage-avoid-hardcoded-dns@v1.0 defects=0}
|
{fact rule=multilanguage-avoid-hardcoded-dns@v1.0 defects=0} |
Click to show internal directories.
Click to hide internal directories.