Download
Joern is a platform for analyzing source code, bytecode, and binary executables. It generates code property graphs (CPGs), a graph representation of code for cross-language code analysis. Code property graphs are stored in a custom graph database. This allows code to be mined using search queries formulated in a Scala-based domain-specific query language. Joern is developed with the goal of providing a useful tool for vulnerability discovery and research in static program analysis.
Features
- Joern allows importing code even if a working build environment cannot be supplied or parts of the code are missing
- Joern creates semantic code property graphs from the fuzzy parser output and stores them in an in-memory graph database
- SCPGs are a language-agnostic intermediate representation of code designed for query-based code analysis
- Joern provides a taint-analysis engine that allows the propagation of attacker-controlled data in the code to be analyzed statically
- Joern offers a strongly-typed Scala-based extensible query language for code analysis based on Gremlin-Scala
- Code property graphs are multi-layered, offering information about code on different levels of abstraction
Project Samples
Categories
Source Code AnalysisLicense
Apache License V2.0Follow Joern
Other Useful Business Software
$300 Free Credits for Your Google Cloud Projects
Launch your next project with $300 in free Google Cloud credits—no strings attached. Test, build, and deploy without risk. Use your credits across the entire Google Cloud platform to find what works best for your needs. After your credits are used, continue with always-free tier services. Only pay when you're ready to scale. Sign up in minutes and start exploring.
Rate This Project
Login To Rate This Project
User Reviews
Be the first to post a review of Joern!
