CodeQL / Vuln Discovery

Rhabdomancer is a simple Ghidra script that locates all calls to potentially insecure API functions in a binary. Auditors can backtrace from these candidate points to find pathways allowing access from untrusted input.
Haruspex is another Ghidra script that is able to extract all pseudo-code generated by the Ghidra decompiler in a format that should be suitable to be imported into an IDE, such as VS Code, or parsed by static analysis tools, such as Semgrep.
My Semgrep rules are specially crafted to help auditors identify potential bugs and locate hotspots in C/C++ code on which to focus their attention.