VSCode - Sinks

Search

This cheat sheet helps identify dangerous code patterns in PHP, Java, C#, and Python for OSWE preparation using VS Code or grep.

✅ General Dangerous Functions

grep -RIn --line-number -E "eval|exec|system\(|popen|subprocess|shell_exec|passthru|include\(|require\(|execFile|Runtime\.getRuntime|ProcessBuilder|fetch\(|requests\.get|HttpClient" .

✅ SQL Injection

PHP

grep -RIn --line-number -E "mysql_query|mysqli_query|pdo->query|prepare\(|execute\(|db_query" .

Java

grep -RIn --line-number -E "Statement\.execute|Statement\.executeQuery|prepareStatement|createQuery" .

C#

grep -RIn --line-number -E "SqlCommand|ExecuteReader|ExecuteScalar|ExecuteNonQuery" .

Python

grep -RIn --line-number -E "cursor\.execute|raw\(|execute_sql" .

✅ SSTI / Template Injection

PHP

grep -RIn --line-number -E "Smarty|Twig|Blade|render\(|template" .

Java

grep -RIn --line-number -E "Thymeleaf|Freemarker|Velocity|render\(" .

C#

grep -RIn --line-number -E "Razor|ViewBag|RenderPartial" .

Python

grep -RIn --line-number -E "render_template|Jinja2|Django template" .

✅ XXE

grep -RIn --line-number -E "DocumentBuilderFactory|SAXParser|XMLReader|lxml|xml\.etree" .

✅ XSS (DOM-Based)

grep -RIn --line-number -E "innerHTML|outerHTML|document\.write|location\.href|eval\(|setTimeout\(|setInterval\(" .

✅ Command Injection

PHP

grep -RIn --line-number -E "system\(|exec\(|shell_exec|passthru" .

Java

grep -RIn --line-number -E "Runtime\.getRuntime|ProcessBuilder" .

C#

grep -RIn --line-number -E "Process\.Start" .

Python

grep -RIn --line-number -E "os\.system|subprocess\.Popen|subprocess\.call" .

✅ CSRF / CORS

grep -RIn --line-number -E "Access-Control-Allow-Origin|CORS|Cross-Origin|csrf|XSRF|SameSite|session\.cookie|secure|httponly" .

✅ SSRF

grep -RIn --line-number -E "requests\.get|requests\.post|HttpClient|fetch\(|curl_exec|file_get_contents\(|urllib\.request|axios\.get|axios\.post" .

✅ Prototype Pollution

grep -RIn --line-number -E "Object\.assign|Object\.defineProperty|Object\.setPrototypeOf|__proto__|merge\(|deepMerge" .

✅ Eval / Filter Bypass

grep -RIn --line-number -E "eval\(|Function\(|exec\(|compile\(|Runtime\.getRuntime|ProcessBuilder" .

✅ Insecure Deserialization

PHP

grep -RIn --line-number -E "unserialize\(|__wakeup|__destruct" .

Java

grep -RIn --line-number -E "ObjectInputStream|readObject|XMLDecoder|readResolve|readExternal" .

C#

grep -RIn --line-number -E "BinaryFormatter|SoapFormatter|DataContractSerializer|NetDataContractSerializer|ReadObject" .

Python

grep -RIn --line-number -E "pickle\.load|pickle\.loads|cPickle\.load|cPickle\.loads" .

PreviousOSWE Code Review Cheat Sheet NextVSCode - Sources

Last updated 1 month ago

hashtagSearch

hashtag✅ General Dangerous Functions

hashtag✅ SQL Injection

hashtagPHP

hashtagJava

hashtagC#

hashtagPython

hashtag✅ SSTI / Template Injection

hashtagPHP

hashtagJava

hashtagC#

hashtagPython

hashtag✅ XXE

hashtag✅ XSS (DOM-Based)

hashtag✅ Command Injection

hashtagPHP

hashtagJava

hashtagC#

hashtagPython

hashtag✅ CSRF / CORS

hashtag✅ SSRF

hashtag✅ Prototype Pollution

hashtag✅ Eval / Filter Bypass

hashtag✅ Insecure Deserialization

hashtagPHP

hashtagJava

hashtagC#

hashtagPython

Search

✅ General Dangerous Functions

✅ SQL Injection

PHP

Java

C#

Python

✅ SSTI / Template Injection

PHP

Java

C#

Python

✅ XXE

✅ XSS (DOM-Based)

✅ Command Injection

PHP

Java

C#

Python

✅ CSRF / CORS

✅ SSRF

✅ Prototype Pollution

✅ Eval / Filter Bypass

✅ Insecure Deserialization

PHP

Java

C#

Python