Security

SAST Scanning

Static Application Security Testing analyzes your source code to find security vulnerabilities without executing the code.

How SAST Works

  1. QODRYX parses your source code into an Abstract Syntax Tree (AST)
  2. AI models analyze code patterns for known vulnerability signatures
  3. Data flow analysis tracks user input through your application
  4. Results are correlated and deduplicated to reduce noise
  5. Each finding includes remediation guidance and code examples
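The data flow step (3) is the one that separates a real SAST finding from a grep hit: user input is marked tainted at a source, propagated through assignments and string building, and reported only when it reaches a sensitive sink. The toy analyzer below is an added illustration of that idea over Python's own AST, not QODRYX code; the source prefixes (request.args, request.form), the sink names (execute, executemany) and the sample handler are assumptions constructed for the example.

```python
import ast
# Constructed sample input (not from the page): one query built by concatenation
# from request data, one parameterized.
SAMPLE = '''
from flask import request
def lookup(db):
    user = request.args.get("user")
    query = "SELECT * FROM users WHERE name = '" + user + "'"
    safe = "SELECT * FROM users WHERE name = ?"
    db.execute(query)
    db.execute(safe, (user,))
'''
TAINT_SOURCES = {"request.args", "request.form"}  # assumed source prefixes
SINKS = {"execute", "executemany"}                 # assumed DB-API sink methods
def _dotted(node):
    # Return "a.b.c" for a Name/Attribute chain, else None.
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = _dotted(node.value)
        return f"{base}.{node.attr}" if base else None
    return None
class TaintTracker(ast.NodeVisitor):
    # Intra-procedural taint propagation over simple assignments.
    def __init__(self):
        self.tainted = set()  # variable names that carry user input
        self.findings = []    # (line, sink) where tainted data reaches a sink
    def is_tainted(self, node):
        name = _dotted(node)
        if name and any(name == s or name.startswith(s + ".") for s in TAINT_SOURCES):
            return True
        if isinstance(node, ast.Name):
            return node.id in self.tainted
        # A tainted sub-expression (concatenation, argument, ...) taints the whole.
        return any(self.is_tainted(c) for c in ast.iter_child_nodes(node))
    def visit_Assign(self, node):
        if self.is_tainted(node.value):
            self.tainted.update(t.id for t in node.targets if isinstance(t, ast.Name))
        self.generic_visit(node)
    def visit_Call(self, node):
        func = _dotted(node.func)
        if func and func.split(".")[-1] in SINKS and node.args and self.is_tainted(node.args[0]):
            self.findings.append((node.lineno, func))
        self.generic_visit(node)

def find_sql_injection(source):
    tracker = TaintTracker()
    tracker.visit(ast.parse(source))
    return tracker.findings
```

Only the concatenated query is reported; the parameterized call on the next line passes the tainted value as a bound parameter, not as the query text, so it is not flagged. A production engine adds inter-procedural tracking, sanitizer recognition and many more source/sink pairs, which is where the correlation and deduplication in steps 4 and 5 come in.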

Detected Vulnerabilities

  Severity   Vulnerability                 Description
  --------   ---------------------------   ---------------------------------------
  Critical   SQL Injection                 Detects unsanitized SQL queries
  High       XSS (Cross-Site Scripting)    Finds unescaped user input in HTML
  High       Path Traversal                Identifies file path manipulation
  Critical   Command Injection             Detects shell command vulnerabilities
  High       Insecure Deserialization      Finds unsafe object deserialization
  High       SSRF                          Server-Side Request Forgery detection
  Medium     XXE                           XML External Entity vulnerabilities
  High       Hardcoded Credentials         Finds embedded passwords and keys

Running a SAST Scan

  # Via CLI
  qodryx scan --type sast ./src

Or trigger scans automatically on every push via the dashboard settings.