Sobelow is a security-focused static analysis tool for the Phoenix framework. For security researchers, it is a useful tool for getting a quick view of points-of-interest. For project maintainers, it can be used to prevent the introduction of a number of common vulnerabilities.

Potential vulnerabilities are flagged in different colors according to confidence in their insecurity. High confidence is red, medium confidence is yellow, and low confidence is green. A finding is typically marked "low confidence" if it looks like a function could be used insecurely, but it cannot reliably be determined if the function accepts user-supplied input. That is to say, if a finding is marked green, it may be critically insecure, but it will require greater manual validation.

This project is in constant development, and additional vulnerabilities will be flagged as time goes on. If you encounter a bug, or would like to request additional features or security checks, please open an issue!

Features

  • Any path arguments should be absolute paths, or relative to the application root
  • Sobelow favors over-reporting versus under-reporting
  • Findings categories are broken up into modules
  • You can install Sobelow globally
  • To use Sobelow, you can add it to your application's dependencies
  • Potential vulnerabilities are flagged in different colors according to confidence in their insecurity

Categories

Security, Frameworks

License

Apache License V2.0

Additional Project Details

Programming Language

Elixir

Related Categories

Elixir Security Software, Elixir Frameworks

Registered

2022-10-07