Lock-On

Lock-On: Identify sensitive function calls with AST and AI

support quick target and jump to vulnerable(maybe) function

• Format String
• Buffer Overflow
• Command Injection
• Unchecked Return Value of *scanf
• Possible Dangling Pointer
• Possible Null Pointer Dereference
• Memory Leak
• Comparison with Dynamic Count
• Unbound Loop

support quick target and jump to sensitive function

• Information Gather(Quickly select Exec/File/Database/Communication/ENV/Crypto/Other )
• Exec
• File
• Database
• Communication
• ENV
• Crypto
• Other
• ExtConfig

Build

npm install cpy-cli
vsce package