mschwager Follow

mschwager Follow

mschwager

Follow

134 followers · 89 following · 332

Highlights

Arctic Code Vault Contributor

Organizations

Popular repositories

fierce

A DNS reconnaissance tool for locating non-contiguous IP space.

Python 1k 133
dhcpwn

All your IPs are belong to us.

Python 638 55
gitem

A Github organization reconnaissance tool.

Python 186 40
0wned

Code execution via Python package installation.

Python 135 25
cohesion

A tool for measuring Python class cohesion.

Python 119 2
riplink

Find dead links on the web.

Go 51 4

1,046 contributions in the last year

Contribution activity

October 2020

Created a pull request in returntocorp/semgrep that received 5 comments

Add 'metavariable-comparison' frontend to expression eval

Fixes #1724. Things notably out-of-scope for the first iteration of this functionality: 1.) Multi-language expressions 2.) Multi-metavariable expre…

+406 −16 • 5 comments

Convert tabs to spaces and align 'ruleid:' and 'ok:' Oct 23
Update ReDoS rule with all methods Oct 22
Fix spelling Oct 22
Fix new pre-commit rules on old changes Oct 22
Add whitespace and end of file fixer to pre-commit Oct 21
Avoid subprocess false positive Oct 21
Update 'ok' -> 'ok:<rule-id>' where possible Oct 20
Include additional patterns in tarfile rule Oct 20
Remove trailing whitespace Oct 19
Fix rule TODOs where possible Oct 16
Move number comparisons from pattern-where-python to metavariable-comparison where possible Oct 15

Error out in --test if ruleid or ok not in reported IDs Oct 22
Move metavariable-comparison docs to experimental Oct 19
Add note on full function path Oct 6
Make `--include` additive rather than subtractive Oct 2
Add Jenkins information to integrations Oct 1

edit this to catch all instances of verify_none Oct 26
md5 rules for ocaml Oct 26
Update ReDoS rule with all methods Oct 22
added file finally Oct 22
fixed spelling of interter to integer Oct 22
Create rule_bug_report.md Oct 22
Fix small spelling mistake Oct 22
Pointer fix Oct 9
Eliminate js Oct 9
sqlalchemy sql injection rules Oct 6
JBoss SQLi Oct 6
add docker-arbitrary-container-run rule Oct 6

only trigger DUO116 when shell=True Oct 14

Created an issue in returntocorp/semgrep-rules that received 2 comments

Move to one rule per YAML file

We currently allow one or more rules per YAML configuration file. This is nice for grouping multiple, similar rules together, but can make it diffi…

2 comments

Attach ipdb to new TTY after reading stdin Oct 21

Convert remaining 'ok' tags to 'ok: <rule-id>' Oct 21

Include safe implementation of 'TarFile.extract' Oct 20

Add Python 3.9 support Oct 14

15 contributions in private repositories Oct 1 – Oct 26

You can’t perform that action at this time.