Velisch Security Scanner

Analyzes code for security vulnerabilities such as SQL injection, XSS and hardcoded secrets.

Installation

cd tools/security-scanner
cargo build --release

Usage

Scan code

velin-security scan

JSON report

velin-security scan --format json > security-report.json

HTML report

velin-security scan --format html

Audit dependencies

velin-security audit

Detected vulnerabilities

Critical

SQL Injection

Unvalidated SQL queries

Command Injection

Unvalidated system commands

Path Traversal

Unvalidated file paths

Hardcoded Secrets

Passwords and API keys in code

High

XSS

Cross-Site Scripting - unvalidated user input

CSRF

Cross-Site Request Forgery - missing tokens

Insecure Random

Insecure random number generation

Unsafe Deserialization

Insecure deserialization

Example output

🔍 Velisch Security Scanner
===============================

[CRITICAL] SQL Injection
  Location: src/api/users.velin:42
  Message: Ungeprüfte SQL-Query mit User-Input
  Recommendation: Verwende Prepared Statements oder ORM

[HIGH] XSS Vulnerability
  Location: src/templates/render.velin:15
  Message: User-Input wird ohne Escaping ausgegeben
  Recommendation: Verwende html::escape() oder Auto-Escaping

[MEDIUM] Hardcoded Secret
  Location: src/config.velin:8
  Message: API-Key ist im Code hardcodiert
  Recommendation: Verwende Environment-Variablen

⚠ 3 Vulnerabilities gefunden

Security Rules

SQL Injection Detection

// ❌ VULNERABLE
fn getUser(id: string): User {
    let query = "SELECT * FROM users WHERE id = " + id;
    return db.query(query);
}

// ✅ SAFE
fn getUser(id: string): User {
    return db.find(User, id);
}

Hardcoded Secrets Detection

// ❌ VULNERABLE
let api_key = "sk-1234567890abcdef";

// ✅ SAFE
let api_key = config::get_env("API_KEY");

Configuration

.velinsecurityrc.json
{
  "rules": {
    "sql-injection": "error",
    "xss": "error",
    "hardcoded-secret": "warning",
    "weak-cryptography": "warning"
  },
  "ignore": [
    "test/**",
    "examples/**"
  ],
  "severity-threshold": "medium"
}

CI/CD Integration

.github/workflows/security.yml
- name: Security Scan
  run: |
    cd tools/security-scanner
    cargo build --release
    ./target/release/velin-security scan --format json > security.json
    if [ -s security.json ]; then
      echo "Security Vulnerabilities gefunden!"
      cat security.json
      exit 1
    fi

False Positives

// velin-security-disable-next-line sql-injection
let query = "SELECT * FROM users WHERE id = " + sanitized_id;

// velin-security-disable-file (for whole files)
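As an added illustration, not velin-security's own code, here are the two rules from "Security Rules" written as line-based checks in Rust (the scanner's implementation language), together with the next-line suppression comment from "False Positives". The names SAMPLE, scan, sql_concat and hardcoded_secret are assumed, SAMPLE is constructed input modelled on the snippets above, and the string heuristics are my own approximation of what such rules look for, not the scanner's actual logic.

```rust
// Added example, not velin-security's own code. SAMPLE is constructed input.
pub const SAMPLE: &str = "fn getUser(id: string): User {\n\
    let query = \"SELECT * FROM users WHERE id = \" + id;\n\
    return db.query(query);\n}\nlet api_key = \"sk-1234567890abcdef\";\n\
let safe_key = config::get_env(\"API_KEY\");\n\
// velin-security-disable-next-line sql-injection\n\
let q = \"SELECT * FROM users WHERE id = \" + sanitized_id;\n";

/// Rule "sql-injection": an SQL literal extended with `+` by a non-literal.
fn sql_concat(line: &str) -> bool {
    let upper = line.to_uppercase();
    let has_sql = ["\"SELECT ", "\"INSERT ", "\"UPDATE ", "\"DELETE "]
        .iter().any(|kw| upper.contains(*kw));
    has_sql && line.split("\" +").skip(1).any(|rest| {
        rest.trim_start().starts_with(|c: char| c.is_alphabetic() || c == '_')
    })
}

/// Rule "hardcoded-secret": a credential-like name assigned a string literal.
fn hardcoded_secret(line: &str) -> bool {
    let lower = line.to_lowercase();
    match lower.split_once('=') {
        Some((lhs, rhs)) => ["api_key", "secret", "password", "token"]
            .iter().any(|n| lhs.contains(*n)) && rhs.trim_start().starts_with('"'),
        None => false,
    }
}

/// (rule id, 1-based line) pairs; honours `velin-security-disable-next-line <rule>`.
pub fn scan(source: &str) -> Vec<(&'static str, usize)> {
    const MARK: &str = "velin-security-disable-next-line";
    let rules: [(&'static str, fn(&str) -> bool); 2] =
        [("sql-injection", sql_concat), ("hardcoded-secret", hardcoded_secret)];
    let mut findings = Vec::new();
    let mut suppressed: Option<&str> = None; // rule id disabled for the next line
    for (idx, raw) in source.lines().enumerate() {
        let line = raw.trim();
        if let Some(pos) = line.find(MARK) {
            suppressed = Some(line[pos + MARK.len()..].trim());
            continue;
        }
        let skip = suppressed.take();
        for &(rule, check) in rules.iter() {
            if skip != Some(rule) && check(line) {
                findings.push((rule, idx + 1));
            }
        }
    }
    findings
}
```

Running scan(SAMPLE) reports the concatenated query on line 2 and the literal key on line 5, while the suppressed query on line 8 and the config::get_env lookup produce nothing.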