Once you successfully login with necessary privileges, Select the programming language which you want to scan that can be accessed from the welcome page or the top bar left drop-down menu.
Languages:
We have scanners for multiple languages given below (shown in screen in Cybershell Code Analysers)
C/C++
JavaScript/TypeScript
C-sharp
Python
Java and
Mobile app Scanners
AI threat analyser for C/Cpp process:
When you click on the C/Cpp analyser, it will take you to the page as given below.
Following are the options you can have while uploading the code to be scanned.
Paste code
Paste code will give you a text box that you can paste code into.
2. Upload file
You can either drag and drop your file in or click it to open this window where you will navigate to your file.
3. Upload zip
For multiple files, you can upload it by zipping it. Maximum size of the zip file must be less than 15 MB (as shown in figure). An ERROR message would appear in the middle if the file size increases from its limit.
4.Github Auth
You can also add the username of the github repository in our scanning page. By clicking on the GitHub AUTH option, a popup will appear that will accept username. Once the username is identified, all the repos will appear and you can select which one you want to scan.
Once you select the code and click the submit button, a next page will appear where the status of the code being scanned will appear. When the scanner gives its result from the scanner, the status will change from pending to clean or vulnerable.
You will receive an email when the file has finished scanning.
After that, you can view the report for both vulnerable and non-vulnerable. Where the CWE-ID and its name will appear along with its source code being scanned. At the bottom of the page, the cert rule will be shown if any.
Once you click for the solution of specific CWE-ID being detected. The link will take you to the VAPS-DB where you can find the solution for the specific CWE-ID.