⚠️ At present, there is no scan rule in this version, the scanning rules will be in a recent version of the open source.
Cobra is a static code analysis system that automates the detecting vulnerabilities and security issue.
- Multi-language support
- Multiple code support
- Compatibility
- API
- Automation
1. IT/Network Company
Internet companies can deploy Cobra within the enterprise for developers to use to scan for project risks. It can also be integrated into an internal code distribution system that allows Cobra to become a part of the distribution system by scanning developers for security of code submitted to the line, thereby limiting unsafe code to go online and reducing online risk.
2. Security Company
Security companies for Internet companies for security testing, you can Cobra's global project scanning capabilities of all items of Party A automatic code security audit.
3. White Hat
White Hat can be customized private Cobra scanning rules, open source project code audit, found the vulnerability.
Cobra is currently a beta version, there are some imperfections and bugs, so we need your contribution, whether it is testing, development, vulnerability scanning rules or advice.
- Documents - http://cobra-docs.readthedocs.io
- Website - Coming soon!
- Online Demo - Coming soon!