thuban 0.4.0 → 0.4.2

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (209) hide show
  1. package/dist/package.json +63 -0
  2. package/dist/packages/crucible/rules/code-scanner-core.json +129 -0
  3. package/dist/packages/crucible/rules/command-injection.json +411 -0
  4. package/dist/packages/crucible/rules/crypto-misuse.json +35 -0
  5. package/dist/packages/crucible/rules/deserialization.json +152 -0
  6. package/dist/packages/crucible/rules/env-injection.json +46 -0
  7. package/dist/packages/crucible/rules/eval-abuse.json +104 -0
  8. package/dist/packages/crucible/rules/file-upload.json +46 -0
  9. package/dist/packages/crucible/rules/hallucination.json +22 -0
  10. package/dist/packages/crucible/rules/hardcoded-secret.json +397 -0
  11. package/dist/packages/crucible/rules/hardcoded-url.json +13 -0
  12. package/dist/packages/crucible/rules/insecure-crypto.json +302 -0
  13. package/dist/packages/crucible/rules/integer-overflow.json +35 -0
  14. package/dist/packages/crucible/rules/log-injection.json +33 -0
  15. package/dist/packages/crucible/rules/mass-assignment.json +112 -0
  16. package/dist/packages/crucible/rules/open-redirect.json +196 -0
  17. package/dist/packages/crucible/rules/path-traversal.json +422 -0
  18. package/dist/packages/crucible/rules/prototype-pollution.json +22 -0
  19. package/dist/packages/crucible/rules/sql-injection.json +597 -0
  20. package/dist/packages/crucible/rules/ssrf.json +557 -0
  21. package/dist/packages/crucible/rules/timing-attack.json +55 -0
  22. package/dist/packages/crucible/rules/unsafe-block.json +24 -0
  23. package/dist/packages/crucible/rules/xss.json +641 -0
  24. package/dist/packages/crucible/rules/xxe.json +66 -0
  25. package/dist/packages/crucible/rules/yaml-deserialization.json +22 -0
  26. package/dist/packages/crucible/rules/yaml-injection.json +22 -0
  27. package/dist/packages/scanner/executive-report.js +1 -1
  28. package/dist/packages/scanner/hallucination-detector.js +1 -1
  29. package/dist/packages/scanner/secret-scanner.js +1 -1
  30. package/package.json +7 -4
  31. package/dist/packages/crucible/seeds/python/seed-021 3.py +0 -37
  32. package/dist/packages/crucible/seeds/python/seed-022 3.py +0 -34
  33. package/dist/packages/crucible/seeds/python/seed-023 3.py +0 -37
  34. package/dist/packages/crucible/seeds/python/seed-024 3.py +0 -38
  35. package/dist/packages/crucible/seeds/python/seed-025 3.py +0 -40
  36. package/dist/packages/crucible/seeds/python/seed-026 3.py +0 -35
  37. package/dist/packages/crucible/seeds/python/seed-027 3.py +0 -35
  38. package/dist/packages/crucible/seeds/python/seed-028 3.py +0 -42
  39. package/dist/packages/crucible/seeds/python/seed-030 3.py +0 -37
  40. package/dist/packages/crucible/seeds/python/seed-031 3.py +0 -34
  41. package/dist/packages/crucible/seeds/python/seed-036 3.py +0 -33
  42. package/dist/packages/crucible/seeds/python/seed-037 3.py +0 -41
  43. package/dist/packages/crucible/seeds/python/seed-038 3.py +0 -33
  44. package/dist/packages/crucible/seeds/python/seed-039 3.py +0 -39
  45. package/dist/packages/crucible/seeds/python/seed-040 3.py +0 -39
  46. package/dist/packages/crucible/seeds/python/seed-041 3.py +0 -37
  47. package/dist/packages/crucible/seeds/python/seed-042 3.py +0 -38
  48. package/dist/packages/crucible/seeds/python/seed-043 3.py +0 -32
  49. package/dist/packages/crucible/seeds/python/seed-044 3.py +0 -38
  50. package/dist/packages/crucible/seeds/python/seed-045 3.py +0 -36
  51. package/dist/packages/crucible/seeds/python/seed-046 3.py +0 -33
  52. package/dist/packages/crucible/seeds/python/seed-047 3.py +0 -44
  53. package/dist/packages/crucible/seeds/python/seed-048 3.py +0 -35
  54. package/dist/packages/crucible/seeds/python/seed-049 3.py +0 -39
  55. package/dist/packages/crucible/seeds/python/seed-050 3.py +0 -39
  56. package/dist/packages/crucible/seeds/python/seed-051 3.py +0 -38
  57. package/dist/packages/crucible/seeds/python/seed-052 3.py +0 -41
  58. package/dist/packages/crucible/seeds/ruby/seed-001 3.rb +0 -15
  59. package/dist/packages/crucible/seeds/ruby/seed-002 3.rb +0 -22
  60. package/dist/packages/crucible/seeds/ruby/seed-003 3.rb +0 -25
  61. package/dist/packages/crucible/seeds/ruby/seed-004 3.rb +0 -17
  62. package/dist/packages/crucible/seeds/ruby/seed-005 3.rb +0 -21
  63. package/dist/packages/crucible/seeds/ruby/seed-006 3.rb +0 -17
  64. package/dist/packages/crucible/seeds/ruby/seed-007 3.rb +0 -16
  65. package/dist/packages/crucible/seeds/ruby/seed-008 3.rb +0 -18
  66. package/dist/packages/crucible/seeds/ruby/seed-009 3.rb +0 -20
  67. package/dist/packages/crucible/seeds/ruby/seed-010 3.rb +0 -24
  68. package/dist/packages/crucible/seeds/ruby/seed-011 3.rb +0 -21
  69. package/dist/packages/crucible/seeds/ruby/seed-012 3.rb +0 -22
  70. package/dist/packages/crucible/seeds/ruby/seed-013 3.rb +0 -21
  71. package/dist/packages/crucible/seeds/ruby/seed-014 3.rb +0 -16
  72. package/dist/packages/crucible/seeds/ruby/seed-015 3.rb +0 -18
  73. package/dist/packages/crucible/seeds/ruby/seed-016 3.rb +0 -17
  74. package/dist/packages/crucible/seeds/ruby/seed-017 3.rb +0 -25
  75. package/dist/packages/crucible/seeds/ruby/seed-018 3.rb +0 -23
  76. package/dist/packages/crucible/seeds/ruby/seed-019 3.rb +0 -20
  77. package/dist/packages/crucible/seeds/ruby/seed-020 3.rb +0 -17
  78. package/dist/packages/crucible/seeds/ruby/seed-021 3.rb +0 -20
  79. package/dist/packages/crucible/seeds/ruby/seed-022 3.rb +0 -21
  80. package/dist/packages/crucible/seeds/ruby/seed-023 3.rb +0 -19
  81. package/dist/packages/crucible/seeds/ruby/seed-024 3.rb +0 -17
  82. package/dist/packages/crucible/seeds/ruby/seed-025 3.rb +0 -17
  83. package/dist/packages/crucible/seeds/ruby/seed-026 3.rb +0 -18
  84. package/dist/packages/crucible/seeds/ruby/seed-027 3.rb +0 -21
  85. package/dist/packages/crucible/seeds/ruby/seed-028 3.rb +0 -22
  86. package/dist/packages/crucible/seeds/ruby/seed-029 3.rb +0 -19
  87. package/dist/packages/crucible/seeds/ruby/seed-030 3.rb +0 -20
  88. package/dist/packages/crucible/seeds/ruby/seed-031 3.rb +0 -17
  89. package/dist/packages/crucible/seeds/ruby/seed-032 3.rb +0 -22
  90. package/dist/packages/crucible/seeds/ruby/seed-033 3.rb +0 -18
  91. package/dist/packages/crucible/seeds/ruby/seed-034 3.rb +0 -19
  92. package/dist/packages/crucible/seeds/ruby/seed-035 3.rb +0 -19
  93. package/dist/packages/crucible/seeds/ruby/seed-036 3.rb +0 -18
  94. package/dist/packages/crucible/seeds/ruby/seed-037 3.rb +0 -21
  95. package/dist/packages/crucible/seeds/ruby/seed-038 3.rb +0 -24
  96. package/dist/packages/crucible/seeds/ruby/seed-039 3.rb +0 -24
  97. package/dist/packages/crucible/seeds/ruby/seed-040 3.rb +0 -22
  98. package/dist/packages/crucible/seeds/ruby/seed-041 3.rb +0 -23
  99. package/dist/packages/crucible/seeds/ruby/seed-042 3.rb +0 -25
  100. package/dist/packages/crucible/seeds/ruby/seed-043 3.rb +0 -23
  101. package/dist/packages/crucible/seeds/ruby/seed-044 3.rb +0 -16
  102. package/dist/packages/crucible/seeds/ruby/seed-045 3.rb +0 -22
  103. package/dist/packages/crucible/seeds/ruby/seed-046 3.rb +0 -27
  104. package/dist/packages/crucible/seeds/ruby/seed-047 3.rb +0 -26
  105. package/dist/packages/crucible/seeds/ruby/seed-048 3.rb +0 -24
  106. package/dist/packages/crucible/seeds/ruby/seed-049 3.rb +0 -20
  107. package/dist/packages/crucible/seeds/ruby/seed-050 3.rb +0 -27
  108. package/dist/packages/crucible/seeds/rust/seed-001 3.rs +0 -25
  109. package/dist/packages/crucible/seeds/rust/seed-002 3.rs +0 -20
  110. package/dist/packages/crucible/seeds/rust/seed-003 3.rs +0 -23
  111. package/dist/packages/crucible/seeds/rust/seed-004 3.rs +0 -21
  112. package/dist/packages/crucible/seeds/rust/seed-005 3.rs +0 -21
  113. package/dist/packages/crucible/seeds/rust/seed-006 3.rs +0 -24
  114. package/dist/packages/crucible/seeds/rust/seed-007 3.rs +0 -20
  115. package/dist/packages/crucible/seeds/rust/seed-008 3.rs +0 -19
  116. package/dist/packages/crucible/seeds/rust/seed-009 3.rs +0 -28
  117. package/dist/packages/crucible/seeds/rust/seed-010 3.rs +0 -28
  118. package/dist/packages/crucible/seeds/rust/seed-011 3.rs +0 -25
  119. package/dist/packages/crucible/seeds/rust/seed-012 3.rs +0 -31
  120. package/dist/packages/crucible/seeds/rust/seed-013 3.rs +0 -27
  121. package/dist/packages/crucible/seeds/rust/seed-014 3.rs +0 -30
  122. package/dist/packages/crucible/seeds/rust/seed-015 3.rs +0 -33
  123. package/dist/packages/crucible/seeds/rust/seed-016 3.rs +0 -22
  124. package/dist/packages/crucible/seeds/rust/seed-017 3.rs +0 -28
  125. package/dist/packages/crucible/seeds/rust/seed-018 3.rs +0 -21
  126. package/dist/packages/crucible/seeds/rust/seed-019 3.rs +0 -36
  127. package/dist/packages/crucible/seeds/rust/seed-020 3.rs +0 -27
  128. package/dist/packages/crucible/seeds/rust/seed-021 3.rs +0 -26
  129. package/dist/packages/crucible/seeds/rust/seed-022 3.rs +0 -23
  130. package/dist/packages/crucible/seeds/rust/seed-023 3.rs +0 -22
  131. package/dist/packages/crucible/seeds/rust/seed-024 3.rs +0 -24
  132. package/dist/packages/crucible/seeds/rust/seed-025 3.rs +0 -29
  133. package/dist/packages/crucible/seeds/rust/seed-026 3.rs +0 -23
  134. package/dist/packages/crucible/seeds/rust/seed-027 3.rs +0 -24
  135. package/dist/packages/crucible/seeds/rust/seed-028 3.rs +0 -25
  136. package/dist/packages/crucible/seeds/rust/seed-029 3.rs +0 -25
  137. package/dist/packages/crucible/seeds/rust/seed-030 3.rs +0 -30
  138. package/dist/packages/crucible/seeds/rust/seed-031 3.rs +0 -22
  139. package/dist/packages/crucible/seeds/rust/seed-032 3.rs +0 -25
  140. package/dist/packages/crucible/seeds/rust/seed-033 3.rs +0 -25
  141. package/dist/packages/crucible/seeds/rust/seed-034 3.rs +0 -20
  142. package/dist/packages/crucible/seeds/rust/seed-035 3.rs +0 -28
  143. package/dist/packages/crucible/seeds/rust/seed-036 3.rs +0 -26
  144. package/dist/packages/crucible/seeds/rust/seed-037 3.rs +0 -31
  145. package/dist/packages/crucible/seeds/rust/seed-038 3.rs +0 -25
  146. package/dist/packages/crucible/seeds/rust/seed-039 3.rs +0 -28
  147. package/dist/packages/crucible/seeds/rust/seed-040 3.rs +0 -27
  148. package/dist/packages/crucible/seeds/rust/seed-041 3.rs +0 -32
  149. package/dist/packages/crucible/seeds/rust/seed-042 3.rs +0 -27
  150. package/dist/packages/crucible/seeds/rust/seed-043 3.rs +0 -29
  151. package/dist/packages/crucible/seeds/rust/seed-044 3.rs +0 -25
  152. package/dist/packages/crucible/seeds/rust/seed-045 3.rs +0 -28
  153. package/dist/packages/crucible/seeds/rust/seed-046 3.rs +0 -25
  154. package/dist/packages/crucible/seeds/rust/seed-047 3.rs +0 -34
  155. package/dist/packages/crucible/seeds/rust/seed-048 3.rs +0 -21
  156. package/dist/packages/crucible/seeds/rust/seed-049 3.rs +0 -26
  157. package/dist/packages/crucible/seeds/rust/seed-050 3.rs +0 -23
  158. package/dist/packages/crucible/seeds/ts/seed-001 3.ts +0 -32
  159. package/dist/packages/crucible/seeds/ts/seed-002 3.ts +0 -34
  160. package/dist/packages/crucible/seeds/ts/seed-003 3.ts +0 -28
  161. package/dist/packages/crucible/seeds/ts/seed-004 3.ts +0 -34
  162. package/dist/packages/crucible/seeds/ts/seed-005 3.ts +0 -32
  163. package/dist/packages/crucible/seeds/ts/seed-006 3.ts +0 -31
  164. package/dist/packages/crucible/seeds/ts/seed-007 3.ts +0 -28
  165. package/dist/packages/crucible/seeds/ts/seed-008 3.ts +0 -40
  166. package/dist/packages/crucible/seeds/ts/seed-009 3.ts +0 -31
  167. package/dist/packages/crucible/seeds/ts/seed-010 3.ts +0 -33
  168. package/dist/packages/crucible/seeds/ts/seed-011 3.ts +0 -29
  169. package/dist/packages/crucible/seeds/ts/seed-012 3.ts +0 -34
  170. package/dist/packages/crucible/seeds/ts/seed-013 3.ts +0 -31
  171. package/dist/packages/crucible/seeds/ts/seed-014 3.ts +0 -36
  172. package/dist/packages/crucible/seeds/ts/seed-015 3.ts +0 -31
  173. package/dist/packages/crucible/seeds/ts/seed-016 3.ts +0 -37
  174. package/dist/packages/crucible/seeds/ts/seed-017 3.ts +0 -44
  175. package/dist/packages/crucible/seeds/ts/seed-018 3.ts +0 -33
  176. package/dist/packages/crucible/seeds/ts/seed-019 3.ts +0 -32
  177. package/dist/packages/crucible/seeds/ts/seed-020 3.ts +0 -33
  178. package/dist/packages/crucible/seeds/ts/seed-021 3.ts +0 -33
  179. package/dist/packages/crucible/seeds/ts/seed-022 3.ts +0 -34
  180. package/dist/packages/crucible/seeds/ts/seed-023 3.ts +0 -33
  181. package/dist/packages/crucible/seeds/ts/seed-024 3.ts +0 -35
  182. package/dist/packages/crucible/seeds/ts/seed-025 3.ts +0 -29
  183. package/dist/packages/crucible/seeds/ts/seed-026 3.ts +0 -36
  184. package/dist/packages/crucible/seeds/ts/seed-027 3.ts +0 -30
  185. package/dist/packages/crucible/seeds/ts/seed-028 3.ts +0 -32
  186. package/dist/packages/crucible/seeds/ts/seed-029 3.ts +0 -34
  187. package/dist/packages/crucible/seeds/ts/seed-030 3.ts +0 -37
  188. package/dist/packages/crucible/seeds/ts/seed-031 3.ts +0 -31
  189. package/dist/packages/crucible/seeds/ts/seed-032 3.ts +0 -32
  190. package/dist/packages/crucible/seeds/ts/seed-033 3.ts +0 -32
  191. package/dist/packages/crucible/seeds/ts/seed-034 3.ts +0 -34
  192. package/dist/packages/crucible/seeds/ts/seed-035 3.ts +0 -29
  193. package/dist/packages/crucible/seeds/ts/seed-036 3.ts +0 -34
  194. package/dist/packages/crucible/seeds/ts/seed-037 3.ts +0 -33
  195. package/dist/packages/crucible/seeds/ts/seed-038 3.ts +0 -29
  196. package/dist/packages/crucible/seeds/ts/seed-039 3.ts +0 -35
  197. package/dist/packages/crucible/seeds/ts/seed-040 3.ts +0 -31
  198. package/dist/packages/crucible/seeds/ts/seed-041 3.ts +0 -29
  199. package/dist/packages/crucible/seeds/ts/seed-042 3.ts +0 -33
  200. package/dist/packages/crucible/seeds/ts/seed-043 3.ts +0 -32
  201. package/dist/packages/crucible/seeds/ts/seed-044 3.ts +0 -36
  202. package/dist/packages/crucible/seeds/ts/seed-045 3.ts +0 -39
  203. package/dist/packages/crucible/seeds/ts/seed-046 3.ts +0 -41
  204. package/dist/packages/crucible/seeds/ts/seed-047 3.ts +0 -33
  205. package/dist/packages/crucible/seeds/ts/seed-048 3.ts +0 -33
  206. package/dist/packages/crucible/seeds/ts/seed-049 3.ts +0 -34
  207. package/dist/packages/crucible/seeds/ts/seed-050 3.ts +0 -41
  208. package/dist/packages/crucible/seeds/ts/seed-051 3.ts +0 -34
  209. package/dist/packages/crucible/seeds/ts/seed-052 3.ts +0 -36
@@ -0,0 +1,597 @@
1
+ [
2
+ {
3
+ "id": "SQL001",
4
+ "pattern": "(?:SELECT|INSERT|UPDATE|DELETE).*(?:['\"`]\\s*\\+|\\+\\s*['\"`]|fmt\\.Sprintf|%\\s*\\w+)",
5
+ "flags": "i",
6
+ "category": "sql_injection",
7
+ "description": "SQL injection",
8
+ "language": [
9
+ "js",
10
+ "ts",
11
+ "python",
12
+ "java",
13
+ "go",
14
+ "csharp",
15
+ "php",
16
+ "ruby",
17
+ "rust",
18
+ "kotlin"
19
+ ],
20
+ "severity": "critical"
21
+ },
22
+ {
23
+ "id": "SQL002",
24
+ "pattern": "(?:SELECT|INSERT|UPDATE|DELETE).*'%s'|'%s'.*(?:SELECT|WHERE)",
25
+ "flags": "i",
26
+ "category": "sql_injection",
27
+ "description": "SQL injection",
28
+ "language": [
29
+ "js",
30
+ "ts",
31
+ "python",
32
+ "java",
33
+ "go",
34
+ "csharp",
35
+ "php",
36
+ "ruby",
37
+ "rust",
38
+ "kotlin"
39
+ ],
40
+ "severity": "critical"
41
+ },
42
+ {
43
+ "id": "SQL003",
44
+ "pattern": "SELECT.*\\$\\{|INSERT.*\\$\\{|UPDATE.*\\$\\{|DELETE.*\\$\\{",
45
+ "flags": "i",
46
+ "category": "sql_injection",
47
+ "description": "SQL injection",
48
+ "language": [
49
+ "js",
50
+ "ts",
51
+ "python",
52
+ "java",
53
+ "go",
54
+ "csharp",
55
+ "php",
56
+ "ruby",
57
+ "rust",
58
+ "kotlin"
59
+ ],
60
+ "severity": "critical"
61
+ },
62
+ {
63
+ "id": "SQL004",
64
+ "pattern": "query\\s*=\\s*['\"`][^'\"`]*['\"`]\\s*\\+|f['\"].*(?:SELECT|WHERE)",
65
+ "flags": "i",
66
+ "category": "sql_injection",
67
+ "description": "SQL injection",
68
+ "language": [
69
+ "js",
70
+ "ts",
71
+ "python",
72
+ "java",
73
+ "go",
74
+ "csharp",
75
+ "php",
76
+ "ruby",
77
+ "rust",
78
+ "kotlin"
79
+ ],
80
+ "severity": "critical"
81
+ },
82
+ {
83
+ "id": "SQL005",
84
+ "pattern": "\\$[\"'](?:[^\"']*(?:SELECT|INSERT|UPDATE|DELETE|WHERE|FROM)[^\"']*)[\"']",
85
+ "flags": "i",
86
+ "category": "sql_injection",
87
+ "description": "SQL injection: C# string interpolation ($\"...\") in SQL",
88
+ "language": [
89
+ "csharp"
90
+ ],
91
+ "severity": "critical"
92
+ },
93
+ {
94
+ "id": "SQL006",
95
+ "pattern": "(?:rawQuery|rawSql|raw_query|execute|db\\.query)\\s*\\(\\s*['\"`].*\\$[{a-zA-Z]",
96
+ "flags": "i",
97
+ "category": "sql_injection",
98
+ "description": "SQL injection: rawQuery / rawSQL / execute with string interpolation",
99
+ "language": [
100
+ "js",
101
+ "ts",
102
+ "python",
103
+ "java",
104
+ "go",
105
+ "csharp",
106
+ "php",
107
+ "ruby",
108
+ "rust",
109
+ "kotlin"
110
+ ],
111
+ "severity": "critical"
112
+ },
113
+ {
114
+ "id": "SQL007",
115
+ "pattern": "(?:rawQuery|execSQL|executeQuery|execute)\\s*\\(\\s*['\"`][^'\"`,]*['\"`]\\s*\\.format\\s*\\(",
116
+ "flags": "i",
117
+ "category": "sql_injection",
118
+ "description": "SQL injection: rawQuery / rawSQL / execute with string interpolation",
119
+ "language": [
120
+ "js",
121
+ "ts",
122
+ "python",
123
+ "java",
124
+ "go",
125
+ "csharp",
126
+ "php",
127
+ "ruby",
128
+ "rust",
129
+ "kotlin"
130
+ ],
131
+ "severity": "critical"
132
+ },
133
+ {
134
+ "id": "SQL008",
135
+ "pattern": "rawQuery\\s*\\(\\s*[\"'].*\\$[a-zA-Z{]",
136
+ "flags": "",
137
+ "category": "sql_injection",
138
+ "description": "SQL injection: Kotlin rawQuery with string interpolation ($variable)",
139
+ "language": [
140
+ "kotlin"
141
+ ],
142
+ "severity": "critical"
143
+ },
144
+ {
145
+ "id": "SQL009",
146
+ "pattern": "(?:connection|ActiveRecord::Base\\.connection)\\.execute\\s*\\([^)]*#\\{",
147
+ "flags": "i",
148
+ "category": "sql_injection",
149
+ "description": "SQL injection: Ruby connection.execute with string interpolation",
150
+ "language": [
151
+ "ruby"
152
+ ],
153
+ "severity": "critical"
154
+ },
155
+ {
156
+ "id": "SQL010",
157
+ "pattern": "cursor\\.execute\\s*\\([^)]*\\.format\\s*\\(|cursor\\.execute\\s*\\([^)]*%s",
158
+ "flags": "i",
159
+ "category": "sql_injection",
160
+ "description": "SQL injection: Django/Python cursor.execute with .format()",
161
+ "language": [
162
+ "python"
163
+ ],
164
+ "severity": "critical"
165
+ },
166
+ {
167
+ "id": "SQL011",
168
+ "pattern": "(?:mysqli_query|pg_query|mysql_query)\\s*\\([^,]+,\\s*['\"][^'\"]*['\"]?\\s*\\.\\s*\\$",
169
+ "flags": "i",
170
+ "category": "sql_injection",
171
+ "description": "SQL injection: PHP mysqli_query / pg_query with variable concatenation",
172
+ "language": [
173
+ "php"
174
+ ],
175
+ "severity": "critical"
176
+ },
177
+ {
178
+ "id": "SQL012",
179
+ "pattern": "(?:SELECT|INSERT|UPDATE|DELETE)\\s[^'\"]*\\.\\s*\\$[a-zA-Z_]",
180
+ "flags": "i",
181
+ "category": "sql_injection",
182
+ "description": "SQL injection: PHP mysqli_query / pg_query with variable concatenation",
183
+ "language": [
184
+ "php"
185
+ ],
186
+ "severity": "critical"
187
+ },
188
+ {
189
+ "id": "SQL013",
190
+ "pattern": "ORDER\\s+BY\\s+\\$\\{|ORDER\\s+BY.*['\"`]\\s*\\+\\s*\\w|GROUP\\s+BY\\s+\\$\\{",
191
+ "flags": "i",
192
+ "category": "sql_injection",
193
+ "description": "SQL injection: dynamic ORDER BY / column name from user variable",
194
+ "language": [
195
+ "js",
196
+ "ts",
197
+ "python",
198
+ "java",
199
+ "go",
200
+ "csharp",
201
+ "php",
202
+ "ruby",
203
+ "rust",
204
+ "kotlin"
205
+ ],
206
+ "severity": "critical"
207
+ },
208
+ {
209
+ "id": "SQL014",
210
+ "pattern": "`[^`]*(?:FROM|WHERE|ORDER BY|GROUP BY|SET)[^`]*\\$\\{",
211
+ "flags": "i",
212
+ "category": "sql_injection",
213
+ "description": "SQL injection: template literal with SQL keywords and column/table variable",
214
+ "language": [
215
+ "js",
216
+ "ts",
217
+ "python",
218
+ "java",
219
+ "go",
220
+ "csharp",
221
+ "php",
222
+ "ruby",
223
+ "rust",
224
+ "kotlin"
225
+ ],
226
+ "severity": "critical"
227
+ },
228
+ {
229
+ "id": "SQL015",
230
+ "pattern": "[\"'][^\"']*(?:SELECT|WHERE|FROM|DELETE|UPDATE)[^\"']*[\"']\\s*\\.\\s*\\$[a-zA-Z_]",
231
+ "flags": "i",
232
+ "category": "sql_injection",
233
+ "description": "SQL injection: PHP dot-concat with SQL string (\"SELECT...\" . $var)",
234
+ "language": [
235
+ "php"
236
+ ],
237
+ "severity": "critical"
238
+ },
239
+ {
240
+ "id": "SQL016",
241
+ "pattern": "[\"']SELECT[^\"']*\\$[a-zA-Z_]|[\"']DELETE[^\"']*\\$[a-zA-Z_]|[\"']UPDATE[^\"']*\\$[a-zA-Z_]",
242
+ "flags": "i",
243
+ "category": "sql_injection",
244
+ "description": "SQL injection: PHP variable in double-quoted SQL string (\"SELECT * FROM $table WHERE $where\")",
245
+ "language": [
246
+ "php"
247
+ ],
248
+ "severity": "critical"
249
+ },
250
+ {
251
+ "id": "SQL017",
252
+ "pattern": "mysqli_query\\s*\\(\\s*\\$[a-zA-Z_]+\\s*,\\s*\\$[a-zA-Z_]|pg_query\\s*\\(\\s*\\$[a-zA-Z_]+\\s*,\\s*\\$[a-zA-Z_]",
253
+ "flags": "i",
254
+ "category": "sql_injection",
255
+ "description": "SQL injection: mysqli_query / pg_query called with variable built by concat",
256
+ "language": [
257
+ "js",
258
+ "ts",
259
+ "python",
260
+ "java",
261
+ "go",
262
+ "csharp",
263
+ "php",
264
+ "ruby",
265
+ "rust",
266
+ "kotlin"
267
+ ],
268
+ "severity": "critical"
269
+ },
270
+ {
271
+ "id": "SQL018",
272
+ "pattern": "\\.where\\s*\\(\\s*[\"'][^\"']*#\\{|\\.find_by_sql\\s*\\(\\s*[\"'][^\"']*#\\{",
273
+ "flags": "i",
274
+ "category": "sql_injection",
275
+ "description": "SQL injection: Ruby .where() or .find_by_sql() with string interpolation",
276
+ "language": [
277
+ "ruby"
278
+ ],
279
+ "severity": "critical"
280
+ },
281
+ {
282
+ "id": "SQL019",
283
+ "pattern": "[\"'](?:SELECT|DELETE|UPDATE|INSERT)[^\"']*#\\{[a-zA-Z_]",
284
+ "flags": "i",
285
+ "category": "sql_injection",
286
+ "description": "SQL injection: Ruby string with SQL keywords and #{} interpolation",
287
+ "language": [
288
+ "ruby"
289
+ ],
290
+ "severity": "critical"
291
+ },
292
+ {
293
+ "id": "SQL020",
294
+ "pattern": "string\\.Format\\s*\\(\\s*[\"'][^\"']*(?:SELECT|WHERE|FROM|DELETE)[^\"']*[\"']",
295
+ "flags": "i",
296
+ "category": "sql_injection",
297
+ "description": "SQL injection: C# string.Format with SQL",
298
+ "language": [
299
+ "csharp"
300
+ ],
301
+ "severity": "critical"
302
+ },
303
+ {
304
+ "id": "SQL021",
305
+ "pattern": "(?:String\\s+\\w+|var\\s+\\w+)\\s*=\\s*[\"']SELECT[^\"']*[\"']\\s*\\+\\s*\\w",
306
+ "flags": "i",
307
+ "category": "sql_injection",
308
+ "description": "SQL injection: Java/C# string variable assigned SQL with concat",
309
+ "language": [
310
+ "csharp",
311
+ "java"
312
+ ],
313
+ "severity": "critical"
314
+ },
315
+ {
316
+ "id": "SQL022",
317
+ "pattern": "cursor\\.execute\\s*\\(\\s*[\"'][^\"']*[\"']\\s*%\\s*\\(",
318
+ "flags": "i",
319
+ "category": "sql_injection",
320
+ "description": "SQL injection: Python cursor.execute with % operator format",
321
+ "language": [
322
+ "python"
323
+ ],
324
+ "severity": "critical"
325
+ },
326
+ {
327
+ "id": "SQL023",
328
+ "pattern": "\\.extra\\s*\\(\\s*where\\s*=\\[[\"'][^\"']*%s",
329
+ "flags": "i",
330
+ "category": "sql_injection",
331
+ "description": "SQL injection: Django .extra() with user-controlled where arg",
332
+ "language": [
333
+ "js",
334
+ "ts",
335
+ "python",
336
+ "java",
337
+ "go",
338
+ "csharp",
339
+ "php",
340
+ "ruby",
341
+ "rust",
342
+ "kotlin"
343
+ ],
344
+ "severity": "critical"
345
+ },
346
+ {
347
+ "id": "SQL024",
348
+ "pattern": "(?:repository|connection|dataSource|sequelize|db)\\.query\\s*\\(\\s*[\"'][^\"']*[\"']\\s*\\+\\s*\\w",
349
+ "flags": "i",
350
+ "category": "sql_injection",
351
+ "description": "SQL injection: TypeORM/Sequelize .query() with string concat",
352
+ "language": [
353
+ "js",
354
+ "ts",
355
+ "python",
356
+ "java",
357
+ "go",
358
+ "csharp",
359
+ "php",
360
+ "ruby",
361
+ "rust",
362
+ "kotlin"
363
+ ],
364
+ "severity": "critical"
365
+ },
366
+ {
367
+ "id": "SQL025",
368
+ "pattern": "val\\s+\\w*[Ss]election\\w*\\s*=\\s*[\"'][^\"']*\\$[a-zA-Z_]",
369
+ "flags": "i",
370
+ "category": "sql_injection",
371
+ "description": "SQL injection: Kotlin rawQuery where selection string contains interpolated var",
372
+ "language": [
373
+ "kotlin"
374
+ ],
375
+ "severity": "critical"
376
+ },
377
+ {
378
+ "id": "SQL026",
379
+ "pattern": "new SqlCommand\\s*\\(\\s*(?:\"[^\"]*\"\\s*\\+|string\\.Format|\\$[\"'])",
380
+ "flags": "i",
381
+ "category": "sql_injection",
382
+ "description": "C# SQL injection: SqlCommand with string concat / interpolation / Format",
383
+ "language": [
384
+ "csharp"
385
+ ],
386
+ "severity": "critical"
387
+ },
388
+ {
389
+ "id": "SQL027",
390
+ "pattern": "\\.CommandText\\s*=\\s*(?:\"[^\"]*\"\\s*\\+|\\$[\"'])",
391
+ "flags": "i",
392
+ "category": "sql_injection",
393
+ "description": "C# SQL injection: SqlCommand with string concat / interpolation / Format",
394
+ "language": [
395
+ "csharp"
396
+ ],
397
+ "severity": "critical"
398
+ },
399
+ {
400
+ "id": "SQL028",
401
+ "pattern": "string\\.Format\\s*\\(\\s*[\"'][^\"']*(SELECT|INSERT|UPDATE|DELETE|WHERE)",
402
+ "flags": "i",
403
+ "category": "sql_injection",
404
+ "description": "C# SQL injection: SqlCommand with string concat / interpolation / Format",
405
+ "language": [
406
+ "csharp"
407
+ ],
408
+ "severity": "critical"
409
+ },
410
+ {
411
+ "id": "SQL029",
412
+ "pattern": "new SqlCommand\\s*\\(\\s*[\"'][^\"']*[\"']\\s*\\+",
413
+ "flags": "i",
414
+ "category": "sql_injection",
415
+ "description": "C# SQL injection: SqlCommand with string concat / interpolation / Format",
416
+ "language": [
417
+ "csharp"
418
+ ],
419
+ "severity": "critical"
420
+ },
421
+ {
422
+ "id": "SQL030",
423
+ "pattern": "\\.where\\s*\\(\\s*[\"'][^\"']*#\\{",
424
+ "flags": "i",
425
+ "category": "sql_injection",
426
+ "description": "Ruby SQL injection: ActiveRecord with string interpolation",
427
+ "language": [
428
+ "ruby"
429
+ ],
430
+ "severity": "critical"
431
+ },
432
+ {
433
+ "id": "SQL031",
434
+ "pattern": "find_by_sql\\s*\\(\\s*[\"'][^\"']*#\\{",
435
+ "flags": "i",
436
+ "category": "sql_injection",
437
+ "description": "Ruby SQL injection: ActiveRecord with string interpolation",
438
+ "language": [
439
+ "ruby"
440
+ ],
441
+ "severity": "critical"
442
+ },
443
+ {
444
+ "id": "SQL032",
445
+ "pattern": "ActiveRecord::Base\\.connection\\.execute\\s*\\(\\s*[\"'][^\"']*#\\{",
446
+ "flags": "i",
447
+ "category": "sql_injection",
448
+ "description": "Ruby SQL injection: ActiveRecord with string interpolation",
449
+ "language": [
450
+ "ruby"
451
+ ],
452
+ "severity": "critical"
453
+ },
454
+ {
455
+ "id": "SQL033",
456
+ "pattern": "\\.order\\s*\\(\\s*[\"'][^\"']*#\\{",
457
+ "flags": "i",
458
+ "category": "sql_injection",
459
+ "description": "Ruby SQL injection: ActiveRecord with string interpolation",
460
+ "language": [
461
+ "ruby"
462
+ ],
463
+ "severity": "critical"
464
+ },
465
+ {
466
+ "id": "SQL034",
467
+ "pattern": "mysqli_query\\s*\\(\\s*\\$\\w+\\s*,\\s*[\"'][^\"']*[\"']?\\s*\\.\\s*\\$",
468
+ "flags": "i",
469
+ "category": "sql_injection",
470
+ "description": "PHP SQL injection: mysqli_query / mysql_query / PDO",
471
+ "language": [
472
+ "php"
473
+ ],
474
+ "severity": "critical"
475
+ },
476
+ {
477
+ "id": "SQL035",
478
+ "pattern": "mysql_query\\s*\\(\\s*[\"'][^\"']*[\"']?\\s*\\.\\s*\\$",
479
+ "flags": "i",
480
+ "category": "sql_injection",
481
+ "description": "PHP SQL injection: mysqli_query / mysql_query / PDO",
482
+ "language": [
483
+ "php"
484
+ ],
485
+ "severity": "critical"
486
+ },
487
+ {
488
+ "id": "SQL036",
489
+ "pattern": "\\$pdo->query\\s*\\(\\s*[\"'][^\"']*[\"']?\\s*\\.\\s*\\$",
490
+ "flags": "i",
491
+ "category": "sql_injection",
492
+ "description": "PHP SQL injection: mysqli_query / mysql_query / PDO",
493
+ "language": [
494
+ "php"
495
+ ],
496
+ "severity": "critical"
497
+ },
498
+ {
499
+ "id": "SQL037",
500
+ "pattern": "\\$(?:query|sql)\\s*=\\s*[\"'][^\"']*(?:SELECT|INSERT|UPDATE|DELETE)[^\"']*[\"']?\\s*\\.\\s*\\$",
501
+ "flags": "i",
502
+ "category": "sql_injection",
503
+ "description": "PHP SQL injection: mysqli_query / mysql_query / PDO",
504
+ "language": [
505
+ "php"
506
+ ],
507
+ "severity": "critical"
508
+ },
509
+ {
510
+ "id": "SQL038",
511
+ "pattern": "(?:SELECT|INSERT|UPDATE|DELETE)[^\"'\\n]*\\$(?:_GET|_POST|_REQUEST|_COOKIE)\\[",
512
+ "flags": "i",
513
+ "category": "sql_injection",
514
+ "description": "PHP SQL injection: mysqli_query / mysql_query / PDO",
515
+ "language": [
516
+ "php"
517
+ ],
518
+ "severity": "critical"
519
+ },
520
+ {
521
+ "id": "SQL039",
522
+ "pattern": "db\\.(?:Query|QueryRow|Exec)\\s*\\(\\s*fmt\\.Sprintf\\s*\\(",
523
+ "flags": "i",
524
+ "category": "sql_injection",
525
+ "description": "Go SQL injection: db.Query/QueryRow/Exec with fmt.Sprintf",
526
+ "language": [
527
+ "go"
528
+ ],
529
+ "severity": "critical"
530
+ },
531
+ {
532
+ "id": "SQL040",
533
+ "pattern": "r\\.DB\\.(?:Query|QueryRow|Exec|ExecContext)\\s*\\(\\s*fmt\\.Sprintf\\s*\\(",
534
+ "flags": "i",
535
+ "category": "sql_injection",
536
+ "description": "Go SQL injection: db.Query/QueryRow/Exec with fmt.Sprintf",
537
+ "language": [
538
+ "go"
539
+ ],
540
+ "severity": "critical"
541
+ },
542
+ {
543
+ "id": "SQL041",
544
+ "pattern": "h\\.DB\\.(?:Query|QueryRow|Exec)\\s*\\(\\s*fmt\\.Sprintf\\s*\\(",
545
+ "flags": "i",
546
+ "category": "sql_injection",
547
+ "description": "Go SQL injection: db.Query/QueryRow/Exec with fmt.Sprintf",
548
+ "language": [
549
+ "go"
550
+ ],
551
+ "severity": "critical"
552
+ },
553
+ {
554
+ "id": "SQL042",
555
+ "pattern": "[\"']\\s*EXEC\\s+\\w+\\s*['\"\"]\\s*\\+|EXEC\\s+sp_\\w+\\s*['\"\"]\\s*\\+",
556
+ "flags": "i",
557
+ "category": "sql_injection",
558
+ "description": "C# SQL injection: EXEC stored procedure via string concat",
559
+ "language": [
560
+ "csharp"
561
+ ],
562
+ "severity": "critical"
563
+ },
564
+ {
565
+ "id": "SQL043",
566
+ "pattern": "\"EXEC\\s+sp_\\w+[^\"]*\"\\s*\\+|string sql\\s*=\\s*\"EXEC",
567
+ "flags": "i",
568
+ "category": "sql_injection",
569
+ "description": "C# SQL injection: EXEC stored procedure via string concat",
570
+ "language": [
571
+ "csharp"
572
+ ],
573
+ "severity": "critical"
574
+ },
575
+ {
576
+ "id": "SQL044",
577
+ "pattern": "\"[^\"]*(?:SELECT|INSERT|UPDATE|DELETE)[^\"]*\\$[a-zA-Z_]\\w*[^\"]*\"",
578
+ "flags": "i",
579
+ "category": "sql_injection",
580
+ "description": "Kotlin: SQL injection via string template with embedded interpolation",
581
+ "language": [
582
+ "kotlin"
583
+ ],
584
+ "severity": "critical"
585
+ },
586
+ {
587
+ "id": "SQL045",
588
+ "pattern": "\"\"\"\\.format\\s*\\(|'''\\.format\\s*\\(",
589
+ "flags": "",
590
+ "category": "sql_injection",
591
+ "description": "Python: SQL injection via .format() on multi-line raw SQL string",
592
+ "language": [
593
+ "python"
594
+ ],
595
+ "severity": "critical"
596
+ }
597
+ ]