top | item 47005685

(no title)

Oatcake21 | 16 days ago

I built a vulnerability scanner targeting logic bugs that Semgrep, CodeQL, and Snyk structurally cannot catch because they pattern-match syntax, not behaviour.

SAST tools find SQL injection and XSS. They cant find a booking endpoint that lets any authenticated user delete another user’s booking. The code is syntactically valid — the bug is in what’s missing (an ownership check), not what’s present.

discuss

No comments yet.