How to Use CodeWarrior for SAST – Step-by-step Guide
In addition, even though it is a web application, Apache is not required. After starting the canner, it will prompt you to select the source code to be scanned by opening up the web browser. As compared to other tools, this tool has a relatively low rate of false positives.
Setup & Usage
You can download this tool from GitHub. Or, you can also clone the Git repository using the following command –
Figure 1 Cloning the repository
CodeWarrior runs at HTTPd with TLS and uses the KISS principle. The KISS principle is a design principle which states that the systems work best if kept simple, rather than making them complicated.
- For compilation, CodeWarrior needs “gcc” preinstalled. If it’s not installed, then simply enter this command:
- sudo apt-get install gcc (This command works with Debian based Linux Distros.)
Figure 2 Compiling CodeWarrior using make command
- After downloading the repository, you will need to compile it using the “make” command. Execute the downloaded file as “bin/warrior”.
Figure 3 Executing CodeWarrior
- Now, open the browser at https://127.0.0.1:1345/index.html.
Figure 4 CodeWarrior
Now, let’s get started with a demo.
- We tested this tool on a repository that contains incomplete and vulnerable code. The link for this repository is
- Use the git clone command to clone this repository in your system
- After cloning the repository, go to your browser and enter the path where the repository is saved into your system.
- The repository contains PHP code. Select “PHP Common fails” in the module and “.php” in extension.
- Click on Start. You will see possible vulnerabilities with specific description for every finding.
Figure 5 Vulnerabilities listed with a complete description
src/ = C source code (web socket)
eggs/ = external modules to search codes using regex
conf/whitelist.conf = list of IPs that have access in the HTTPd server
bin/ = file to execute
doc/ = at construction
lib/ = external libraries
cert/ = loads your certificates for TLS here
Create a certificate
If there is a requirement to create your own certificate, then follow these steps –
openssl req -x509 -sha256 -nodes -days 365 –newkey rsa:2048 –keyout certkey.key -out certificate.crt
cat certificate.crt certkey.key > certkey.pem
- If there is a return error, it means that the port is in use, close it using –
$ fuser -k n tcp 4444
- Use the Chrome browser to run the application.
- Use 127.0.0.1, do not use localhost name.
- If you face an issue during the compilation process, then look for error that’s being generated.
- In most cases, some required libraries are not pre-installed due to which problems occur during compilation. We also faced this issue during compilation.
Figure 6 Troubleshooting an error raised due to unmet dependency.
Here, the development package for OpenSSL is not installed. So, simply enter the following command:
sudo apt-get install libssl-dev
(Read about the differences between DAST & SAST here.)
- Application Security Testing10
- AWS Penetration Testing5
- Cloud Penetration Testing5
- DAST-Dynamic Application Security Testing9
- network penetration test1
- OSINT Penetration Testing1
- PCI DSS Compliance4
- Penetration Testing as a Service10
- Phishing as a Service2
- Service Organization Control(SOC)1
- web application security4