Uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, and JVM bytecode. PHP and binary code analysis via Ghidra are on the way.


Wrap your queries into custom code scanners and share them with the community or run existing Joern-based scanners in your CI.


Use Joern as a library to power your own code analysis tools or as a component via the REST API.

Built with at