init

Author: RedRaysTeam

.github/workflows/ci.yml

@@ -0,0 +1,53 @@
+stages:
+  - lint
+  - test
+  - build
+  - deploy
+
+variables:
+  PIP_CACHE_DIR: "$CI_PROJECT_DIR/.pip-cache"
+
+cache:
+  paths:
+    - .pip-cache/
+
+lint:
+  stage: lint
+  image: python:3.9
+  before_script:
+    - pip install flake8
+  script:
+    - flake8 .
+
+test:
+  stage: test
+  image: python:3.9
+  before_script:
+    - pip install -r requirements.txt
+    - pip install pytest pytest-cov
+  script:
+    - pytest tests/ --cov=./ --cov-report=xml
+  artifacts:
+    reports:
+      coverage_report:
+        coverage_format: cobertura
+        path: coverage.xml
+
+build:
+  stage: build
+  image: python:3.9
+  script:
+    - pip install pyinstaller
+    - pyinstaller --onefile main.py
+  artifacts:
+    paths:
+      - dist/main
+
+deploy:
+  stage: deploy
+  image: python:3.9
+  script:
+    - echo "Deploying application..."
+    # Add your deployment steps here
+  only:
+    - main  # This job will only run on the main branch

.idea/.gitignore

@@ -0,0 +1,29 @@
+# checks/check_abap_outgoing_ftp_conn.py
+
+import re
+from dataclasses import dataclass
+from typing import List
+
+@dataclass
+class CheckResult:
+    line_number: int
+    line_content: str
+
+class CheckAbapOutgoingFtpConn:
+    title = "Outgoing FTP Connection"
+    severity = "Low"
+    vulnerability_type = "Unencrypted Communications"
+
+    def __init__(self):
+        self.pattern = re.compile(
+            r"(\bCALL FUNCTION\b)(\s*'FTP_CONNECT'.+?\.)",
+            re.DOTALL | re.IGNORECASE
+        )
+
+    def run(self, file_content: str) -> List[CheckResult]:
+        match = self.pattern.search(file_content)
+        if match:
+            line_number = file_content[:match.start()].count('\n') + 1
+            return [CheckResult(line_number, match.group().strip())]
+        return []
+

.idea/AbapCodeScannerFramework.iml

@@ -0,0 +1,35 @@
+# checks/check_broken_auth_check.py
+
+import re
+from dataclasses import dataclass
+from typing import List
+
+
+@dataclass
+class CheckResult:
+    line_number: int
+    line_content: str
+
+
+class CheckBrokenAuthCheck:
+    title = "Broken AUTH Checks"
+    severity = "Medium"
+    vulnerability_type = "Access Control Bypass"
+
+    def __init__(self):
+        self.main_pattern = re.compile(
+            r"(?ims)^[\s]*(\bAUTHORITY-CHECK\b\s*OBJECT.+?\.)\s*(\s*IF\s*sy(st)?-subrc)?",
+            re.DOTALL | re.IGNORECASE
+        )
+
+    def check_second_stage(self, match: re.Match) -> bool:
+        if_subrc_pattern = re.compile(r"(?ims)^[\s]*IF\s*sy(st)?-subrc", re.IGNORECASE)
+        return not if_subrc_pattern.search(match.group())
+
+    def run(self, file_content: str) -> List[CheckResult]:
+        results = []
+        for match in self.main_pattern.finditer(file_content):
+            if self.check_second_stage(match):
+                line_number = file_content[:match.start()].count('\n') + 1
+                results.append(CheckResult(line_number, match.group().strip()))
+        return results