Demo preparation links down below!
This video is an introduction to Joern, an open-sourced static analysis tool. Joern is an award-winning open-source platform for robust query-based analysis of C/C++. It enables mining large codebases for vulnerabilities using a Scala-based domain-specific query language and provides the reference implementation for code property graphs. With its fuzzy parsing approach, it is specifically suited for machine learning applications. Joern serves as the fundamental for the commercial SAST and code exploration products at ShiftLeft.
Important Links
Joern Documentation: docs.joern.io
Joern query database: queries.joern.io
Joern Community: / discord
Demo preparation:
Download VLC v3.0.12 source and extract in a convenient directory
$ wget get.videolan.org/vlc/3.0.12/vl...
$ tar -xvf vlc-3.0.12.tar.xz
Download Joern and install
$ wget github.com/joernio/joern/rele...
$ chmod +x ./joern-install.sh
$ sudo ./joern-install.sh