Uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries (via Ghidra) and JVM bytecode. PHP support coming soon.
Wrap your queries into custom code scanners and share them with the community or run existing Joern-based scanners in your CI.
Use Joern as a library to power your own code analysis tools or as a component via the REST API.