h@cktivitycon 2020: Discover vulnerabilities with CodeQL
I’ll be delivering a little bit of introduction to CodeQL and its practical functionality. Besides, I’ll showcase some vulnerabilities that I found through utilizing CodeQL’s powerful static and taint analysis. There’s even one flaw that could lead to RCE! Consequently, the audience will understand the concepts of static analysis, taint analysis, data flow analysis, and so on after the talk.



