Overview - Code PathFinder
Introducing Code PathFinder, the open-source alternative to CodeQL. Designed for precise flow analysis and advanced structural search, it identifies vulnerabilities in your code. Currently optimized for Java, Code Pathfinder offers robust query support to enhance your code’s security and integrity.
Features
- Basic Query Support: Write queries to search for specific patterns in source code.
- Call Graph Analysis: Analyze method calls and data flow between methods.
- Source-Sink Analysis: Identify sources and sinks of sensitive data to check for vulnerabilities such as SQL injection, Cross-Site Scripting (XSS), and other issues highlighted in the OWASP Top 10.