-
Notifications
You must be signed in to change notification settings - Fork 31
Expand file tree
/
Copy pathCSharp.ini
More file actions
37 lines (37 loc) · 1.21 KB
/
CSharp.ini
File metadata and controls
37 lines (37 loc) · 1.21 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
#Place the higher risk commands at the top of the file - Sort from High risk to Low risk
[CSharp Command Injection 1]
Comment: Potential Command Injection
Regex: (=\s+new\s+Process)
Message: C# reference to a potential Command Injection
Confidence: Low
RiskLevel: 1
[CSharp Command Injection 2]
Comment: Potential Command Injection
Regex: (=\snew\sProcessStartInfo)
Message: C# reference to a potential Command Injection
Confidence: Low
RiskLevel: 1
[CSharp Command Injection 3]
Comment: Potential Command Injection
Regex: (new\s+System\.Diagnostics\.Process\()
Message: C# reference to a potential Command Injection
Confidence: Low
RiskLevel: 1
[CSharp Command Injection 4]
Comment: Potential Command Injection
Regex: (\.StartInfo\.FileName\s+=)
Message: C# reference to a potential Command Injection
Confidence: Low
RiskLevel: 1
[CSharp SQL Injection 1]
Comment: Csharp Potential SQL Injection Injection
Regex: (new\s+SqlConnection\()
Message: C# reference to a potential SQL Injection
Confidence: Low
RiskLevel: 1
[CSharp SQL Injection 2]
Comment: Csharp Potential SQL Injection Injection
Regex: (new\s+SqlCommand\()
Message: C# reference to a potential SQL Injection
Confidence: Low
RiskLevel: 1