irulescan is a static security analyzer for iRules

Overview

irulescan


irulescan is a tool that scans iRules (the Tcl-based traffic policies of F5 BIG-IP) for unexpected or unsafe expressions that can have undesirable effects, such as Tcl double substitution, where an unbraced expr evaluates data that has already been substituted once, so attacker-supplied input can be executed as Tcl.

irulescan would not exist without tclscan.

Usage

The easiest way to use irulescan is the container image, which can scan any set of iRules.

By default the container scans every .tcl and .irule file found under /scandir inside the container, so mount the directory holding your iRules there.

Here is an example:

docker run -it --rm -v $PWD/tests/basic:/scandir simonkowallik/irulescan
---
/dangerous.tcl: |
  WARNING: Unquoted expr at `1` in `expr 1 + $one`
  WARNING: Unquoted expr at `+` in `expr 1 + $one`
  DANGEROUS: Dangerous unquoted expr at `$one` in `expr 1 + $one`
/ok.tcl: |
/warning.tcl: |
  WARNING: Unquoted expr at `1` in `expr 1 + 1`
  WARNING: Unquoted expr at `+` in `expr 1 + 1`
  WARNING: Unquoted expr at `1` in `expr 1 + 1`
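
To make the DANGEROUS finding on dangerous.tcl concrete, here is an added example in plain Tcl, not part of irulescan or its test files, that shows the double substitution described above and the braced form that avoids it. The variable names `one` and `pwned` are assumptions chosen for the illustration.

```tcl
# Added example (not irulescan's code): what `expr 1 + $one` does when the
# value of $one is attacker-controlled, and why `expr {1 + $one}` is safe.
# Run with: tclsh double_subst.tcl

# Attacker-controlled input. In an iRule this would typically come from the
# request, e.g. [HTTP::header "X-Count"]; here it is constructed inline.
# The braces stop Tcl from evaluating the bracketed text at this point, so
# the variable `one` holds the literal string "[set pwned 1]".
set one {[set pwned 1]}

# Unbraced expr: the Tcl parser substitutes $one once, so expr receives the
# words "1", "+", "[set pwned 1]". expr joins them into the string
# "1 + [set pwned 1]" and parses THAT as an expression, performing command
# substitution a second time. The embedded `set pwned 1` runs, returns 1,
# and the expression evaluates to 2. Any command could be placed there.
set result [expr 1 + $one]
puts "unbraced: result=$result, pwned exists: [info exists pwned]"

unset -nocomplain pwned

# Braced expr: the literal script text {1 + $one} reaches expr unchanged.
# expr substitutes $one exactly once and treats its value as an operand.
# "[set pwned 1]" is not a number, so expr raises an error instead of
# executing anything, and `pwned` is never created.
if {[catch {expr {1 + $one}} err]} {
    puts "braced: error: $err"
}
puts "braced: pwned exists: [info exists pwned]"
```

Run it with tclsh: the unbraced expr executes the embedded command (pwned exists afterwards and the result is 2), while the braced expr fails with a non-numeric-operand error and executes nothing. This is the distinction in the scanner output above: any unbraced expr gets a WARNING, and an unbraced expr that also contains a substitution such as $one is reported as DANGEROUS, because that is the case where the second evaluation operates on data chosen by someone else.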

Scanning a single file:

docker run -it --rm -v $PWD/tests/tcl/catch.tcl:/scandir/catch.tcl simonkowallik/irulescan
---
/catch.tcl: |
  WARNING: Unquoted expr at `1` in `expr 1`
  WARNING: Unquoted expr at `2` in `expr 2`

Invoking irulescan directly:

docker run -it --rm simonkowallik/irulescan irulescan
Comments
  • Add HTTP API to container to scan iRules
    Implement dedicated container with an HTTP API to scan one or multiple iRules.

    API interface should be very simple and easy to use via command line (curl).

    enhancement 
    opened by simonkowallik 0
Releases: 1.0.0
Owner
Simon Kowallik
Helping clients thrive, geek, hacker, making things work or break