Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

与codeql的区别? #8

Closed
HomerQing opened this issue May 12, 2021 · 2 comments
Closed

与codeql的区别? #8

HomerQing opened this issue May 12, 2021 · 2 comments

Comments

@HomerQing
Copy link

初一看感觉与codeql功能比较类似,请问下作者tabby与codeql相比有哪些功能上的区别或优势?
@wh1t3p1g
Copy link
Owner

你好,
你可以简单认为是同一类的工具
tabby更多面向的是已编译的JAR/CLASS/WAR。对于,我们研究商业化软件的漏洞有一定的帮助,比如类似weblogic这种。tabby起到辅助漏洞挖掘的作用是当前的预期,不管是辅助理解当前jar的代码继承关系之类的信息,还是直接查找特定漏洞链路。
codeql以我个人的理解面向的更多是源码级别的(java方面),它当前还是不能直接去分析类似jar这种文件的

@HomerQing
Copy link
Author

了解了,谢谢回复!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@wh1t3p1g @HomerQing