codEX Project
Dissect code, analyze logic, find flaws
The goal of the codEX Project is to develop systematic strategies and methodologies to do (semi-)automated source code analysis.

The basic idea is to create a framework which is able to dissect source code. For further analysis on a logical layer a reduced normalization is required. This is realized with a virtual compiler for different programming languages which creates a linear assembly-like structure named as MetaCode™.

Depending on this intermediate code it is possible to do a formal analysis of the dissected program with advanced propositional calculus. Syntactical mistakes (e.g. inadequate parenthesis), logical errors (e.g. off-by-one counters) and security flaws (e.g. SQL injection) can be determined very accurately. Therefore, codEX makes it very easy to find vulnerabilities within applications.

Screenshot of an early beta version supporting PHP