CodeBro
is a web based code browser, using clang AST parser to create cross-reference between
function calls. For those interested, all this idea came from Eli Bendersky's
website.
Parsing AST makes it easy to spot trivial bugs, and using callgraph
makes it easier to focus on potential exploitability on this bug.
It is NOT built in any way for production use and do not make it reachable from public Internet or "You're gonna have a bad time" !
- Code is dirty;
- Code is in release before-alpha, still under heavy development;
- If something's not working properly, try to hack it yourself and only when you're sure it's bug, file it;
- X-refing and parsing are slow but won't over-charge your CPU;
- I don't advise to parse and x-ref huge source code trees, a better approach would be to split it into sub-projects;
That being said, if you still wanna go further, read below.
- LLVM + Clang (with Python bindings)
- Python 2.7+ (but not Python 3.x)
- Django 1.5
- PyDot + PyGraphViz (for graph generation)
- Pygments (for syntax colorization)
- dajax + dajaxice (for Ajax)
- any DBMS compatible with Django (for data storage)
codebro
can be setup manually or as a bundle using docker. The latter is recommended as it makes the whole process of deployment totally automatic.
- Install Vagrant
- Clone codebro repository
$ git clone https://github.com/hugsy/codebro.git && cd codebro
- Build the
codebro
image automagically (go grab a coffee though)
$ vagrant up --provision
That's all folks ! Vagrant will forward TCP/8000 to your codebro
instance in
the VM. Start using codebro
by visiting http://localhost:8000
.
-
Get and install
llvm
engine andclang
compiler. Make sure Python bindings are compiled as well (http://clang.llvm.org/get_started.html) -
Add the path to the Python Clang bindings to
$PYTHONPATH
-
(optional but recommanded) Create a dedicated Python VirtualEnv and move in it
$ mkvirtualenv codebro
$ workon codebro
- Clone CodeBro and install pre-requisites
$ git clone https://github.com/hugsy/codebro.git && pip install -r codebro/requirements.txt
- Make sure it works
$ python -c 'import django; import clang;' && echo 'Party can start now!'
- Move inside
codebro
directory, create database structure, and fill with initial initial data :
$ cd codebro
$ ./manage.py syncdb
- Launch the server
$ ./manage.py runserver
- You can now add, browse and parse applications.
Written by @hugsy and released under GPL v2