Uncover attack surface, sloppy coding practices, and variants of known vulnerabilities using an interactive code analysis shell. Joern supports C, C++, LLVM bitcode, x86 binaries (via Ghidra), JVM bytecode (via Soot), and Javascript. Python, Java source code, Kotlin, and PHP support coming soon.


Wrap your queries into custom code scanners and share them with the community or run existing Joern-based scanners in your CI.


Use Joern as a library to power your own code analysis tools or as a component via the REST API.

Built with at