$3,000 CodeQL query for finding LDAP Injection – GitHub Security Lab – HackerOne
Report:
https://hackerone.com/reports/787113
Reporter:
https://hackerone.com/grzegol
https://twitter.com/ggolawski
Code and pull request:
https://github.com/github/codeql/tree/master/java/ql/src/Security/CWE/CWE-090
https://github.com/github/codeql/pull/2651
00:00 Intro
00:14 GitHub Security Lab and CodeQL
02:20 LDAP and LDAP injection
03:28 CodeQL query to find LDAP injection
#codeql #hackerone #githubsecuritylab #ghsecuritylab