<h1 align="center">Finding security vulnerabilities with CodeQL</h1> <h5 align="center">@adityasharad and @lcartey</h5> <p align="center"> <a href="#mega-prerequisites">Prerequisites</a> • <a href="#books-resources">Resources</a> </p>

CodeQL is GitHub's expressive language and engine for code analysis, which allows you to explore source code to find bugs and security vulnerabilities. During these beginner-friendly workshops, you will learn to write queries in CodeQL and find known security vulnerabilities in open-source Java and JavaScript projects.

There are two workshops on this topic. Both will cover the basics of writing queries in CodeQL. The first will focus on Java, and the second will focus on JavaScript.

Workshop materials

Please complete the Prerequisites section (below) before the workshop. The following links contain the content that will be covered during the workshop:

  1. Thursday May 7 / 7:00am PDT: Finding security vulnerabilities in Java with CodeQL
  2. Thursday May 7 / 9:30am PDT: Finding security vulnerabilities in JavaScript with CodeQL

:mega: Prerequisites

:books: Resources