I have the privilege of open-sourcing most of the CodeQL workshop material I develop.
The following material is available on my personal account. Other great material created by my awesome colleagues and me can be found here.
C/C++
- Syntactic reasoning: Learn how QL represents C/C++ program elements, how to query them, and how to encapsulate them in QL classes.
- Control flow: Learn how control flow is represented in QL and how to answer reachability questions with it.
- Integer conversion: Learn how to find integer conversion vulnerabilities.
- Vulnerable Linux Driver: Find a buffer overflow and a use-after-free in the Vulnerable Linux Driver. Note: This workshop lacks a README with background information and exercises.
- Data flow II: Example queries showcasing old-style (using classes) global data flow, new-style (using modules) global data flow, and partial path graphs for debugging data flow configurations. Note: This workshop lacks a README with background information and exercises.
Java
- Syntactic reasoning: Learn how QL represents Java program elements and how to query them by implementing an Andersen-style points-to analysis.
- Control flow: Learn how control flow is represented in QL and how to answer reachability questions with it.
- Data flow I: Learn how to use data flow analysis to find a known SQL injection in an open-source project.
- Data flow II: Example queries showcasing global data flow, partial path graphs for debugging data flow configurations, and a custom barrier implementation. Note: This workshop lacks a README with background information and exercises.
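As an added illustration of what the Java Data flow I and Data flow II workshops build toward (this is example code written for this page, not a query taken from the workshop material): a complete path-problem query in the module-style global data flow API that tracks remote user input into a SQL query sink, with a custom barrier that cuts flow at primitive-typed values. The query metadata, the module names, and the choice of barrier are assumptions made for the example; `RemoteFlowSource`, `QueryInjectionSink`, `DataFlow::ConfigSig` and `DataFlow::Global` are the standard CodeQL Java library names.

```ql
/**
 * @name SQL injection from remote input (example query written for this page)
 * @description Remote user input flows into a SQL query without passing a barrier.
 * @kind path-problem
 * @problem.severity error
 * @id example/sql-injection-global-flow
 */

import java
import semmle.code.java.dataflow.DataFlow
// Provides RemoteFlowSource: HTTP parameters, request bodies, and similar untrusted inputs.
import semmle.code.java.dataflow.FlowSources
// Provides QueryInjectionSink: arguments of JDBC/JPA/etc. query-executing calls.
import semmle.code.java.security.QueryInjection
// Forward reference to the flow module defined below; needed so the result
// viewer can render the source-to-sink path (the PathGraph import is required
// for every @kind path-problem query).
import SqliFlow::PathGraph

// New-style configuration: a module implementing DataFlow::ConfigSig instead of a
// class extending DataFlow::Configuration. No constructor string, no `override`.
module SqliConfig implements DataFlow::ConfigSig {
  // Anything the library already knows comes from a remote client.
  predicate isSource(DataFlow::Node source) { source instanceof RemoteFlowSource }

  // Anything the library already knows ends up as query text.
  predicate isSink(DataFlow::Node sink) { sink instanceof QueryInjectionSink }

  // Custom barrier (chosen for this example): a value with a primitive type
  // (int, boolean, ...) cannot carry attacker-controlled query syntax, so flow
  // through it is dropped. This mirrors the "simple type" sanitizer idea; tighten
  // or replace it for your own code base.
  predicate isBarrier(DataFlow::Node node) { node.getType() instanceof PrimitiveType }
}

// Instantiate the global (interprocedural) data flow analysis for that configuration.
module SqliFlow = DataFlow::Global<SqliConfig>;

from SqliFlow::PathNode source, SqliFlow::PathNode sink
where SqliFlow::flowPath(source, sink)
select sink.getNode(), source, sink,
  "This SQL query depends on a $@.", source.getNode(), "user-provided value"
```

The old-style equivalent that the Data flow II examples contrast this with is a `class SqliConfig extends DataFlow::Configuration` with a constructor `SqliConfig() { this = "SqliConfig" }`, `override` on each of the three predicates, `import DataFlow::PathGraph`, and `cfg.hasFlowPath(source, sink)` over `DataFlow::PathNode` values in the `where` clause; the source, sink and barrier logic is unchanged between the two forms. When the query finds nothing where you expect a result, that is the point at which the partial path graph shown in the workshop becomes useful: it reports how far from the source the flow got before a missing step or a barrier stopped it.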
JavaScript
- Introduction: Learn how to syntactically reason about JavaScript programs, how to identify calls to dependencies using the API graph, and how to use global data flow to find a prototype pollution vulnerability.