Quickly learn CodeQL, an expressive language for code analysis, which helps you explore source code to find bugs and vulnerabilities. During this beginner-accessible course, you will learn to write queries in CodeQL and find critical security vulnerabilities that were identified in Bootstrap, a popular open-source project.
Upon completion of the course, you'll be able to:
You will follow in the footsteps of our security researchers and create:
Know where to find documentation and help, install CodeQL, and set up your IDE.
Finding all calls to the jQuery $ function
Finding the first argument of all calls to the $ function
Finding jQuery property reads
Using local data flow analysis to find jQuery plugins
Using local data flow analysis to find jQuery plugin options
Detecting untrusted data flow sources
Using global data flow analysis: finalizing the taint tracking query
All public courses on Learning Lab are free.