Original Post: Let’s create a SAST … sort of.. In simple words, this article explored… | by Mauricio Giraldo | Sep, 2024
The article discusses the implementation of Static Application Security Testing (SAST) through a small project developed in Python for scanning NodeJS code. The purpose of the article is to demystify SAST and how it functions, rather than propose a complete alternative to existing SAST products like Checkmarx, Veracode, or Snyk. It aims to explore the detection of vulnerabilities such as SQL Injection and hard-coded passwords, focusing specifically on NodeJS, while hinting at potential extensions for other complexities. The project is presented as an educational and fun experiment, emphasizing understanding over comprehensive replacement.
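To make the idea concrete, here is an added example (not the article's own code) of a minimal pattern-based scanner in Python for the two vulnerability classes the summary names. The sample NodeJS source, the rule names, and the regular expressions are all assumptions constructed for this illustration.

```python
import re

# Constructed NodeJS sample for this example; not taken from the article.
SAMPLE_JS = '''\
const mysql = require("mysql");
const dbPassword = "S3cr3t!";
const apiKey = process.env.API_KEY;
app.get("/user", (req, res) => {
  db.query("SELECT * FROM users WHERE id = " + req.query.id, cb);
  db.query(`SELECT * FROM users WHERE name = '${req.query.name}'`, cb);
  db.query("SELECT * FROM users WHERE id = ?", [req.query.id], cb);
});
'''

SQL_KEYWORD = r"\b(?:SELECT|INSERT|UPDATE|DELETE)\b"

# Hypothetical rule set: (rule id, compiled pattern), matched line by line.
RULES = [
    # SQL text in a quoted string that is concatenated with another expression.
    ("sql-injection",
     re.compile(r"""["'][^"'\n]*""" + SQL_KEYWORD + r"""[^"'\n]*["']\s*\+""", re.I)),
    # SQL text in a template literal that interpolates an expression.
    ("sql-injection",
     re.compile(r"`[^`]*" + SQL_KEYWORD + r"[^`]*\$\{", re.I)),
    # Secret-looking identifier assigned a non-empty string literal.
    ("hardcoded-secret",
     re.compile(r"""\b\w*(?:password|passwd|secret|api_?key)\w*\s*[:=]\s*["'][^"']+["']""", re.I)),
]


def scan(source):
    """Return sorted (line_number, rule_id) findings for JavaScript source text."""
    findings = set()
    for lineno, line in enumerate(source.splitlines(), start=1):
        if line.lstrip().startswith("//"):
            continue  # skip whole-line comments
        for rule_id, pattern in RULES:
            if pattern.search(line):
                findings.add((lineno, rule_id))
    return sorted(findings)


if __name__ == "__main__":
    for lineno, rule_id in scan(SAMPLE_JS):
        print(f"line {lineno}: {rule_id}")
```

The parameterized query and the secret read from `process.env` are not flagged. Matching line by line with no data-flow tracking means a query built across several statements is missed, which is the gap that separates a toy like this from a full SAST product.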