CodeAuditAssistant
🔍 CodeAuditAssistant - JetBrains Code Audit Plugin (Beta) ⚡ Deep Call-Chain Tracking | 🚀 Method/Class Search | 🔥 Prebuilt Vuln Sinks Native Integration | Decompiler/Path Finder | Memory Optimized
Overview
CodeAuditAssistant is an IntelliJ IDEA plugin for JVM code auditing. It provides sink discovery, call-graph analysis, and JAR decompilation to help reviewers locate risky code paths faster.
Requirements
- IntelliJ IDEA >= 2022.3
- JDK 17+
Core Features
1) SinkFinder
Built-in sink rules for common Java Web vulnerabilities and risky component calls. Results are shown in IDEA Problem View and support navigation to source on double-click.
2) Code Analysis (Call Graph)
Generate call graphs for Entire project or Selected Module. Search supports:
- ROOT -> SINK path search
- SINK-only reverse path lookup
- Search as sink from a right-clicked method
Method filter examples:
ParamType:java.lang.String,*
Annotations:@Override,@xxx
3) Decompiler (Experimental)
Supports JAR decompilation from the plugin UI. The current implementation is still under optimization.
Workflow Demo (Screenshots)
1) SinkFinder Flow
Step 1: Collect sink findings in IDEA Problem View.

Step 2: Double-click an item to jump to source code.

2) Decompiler Flow
Step 1: Select a target JAR and click Run in the decompiler panel.

3) Call-Graph Flow
Step 1: Open the Code Analysis panel and click Generate CallGraph.

Step 2: Choose the build scope (Entire or Selected Module).

Step 3: You can also build from the editor context menu on a method.

Step 4: Enable Info and Path for richer metadata and path results.

Step 5: Open the method finder panel and filter by signature/annotations.

Step 6: Example filtered method list.

Step 7: Search a ROOT -> SINK path.

Step 8: Search by SINK only when the entry point is unknown.

Step 9: Use Search as sink from right-click to auto-fill and search.

Step 10: Read runtime status (CallGraph, node count, memory, messages).

4) Search Result Icon Legend
Path node icon:

Method declaration icon:

Method invocation icon:

Object creation / method-search result icon:

Build & Run
- Build plugin artifact: ./gradlew buildPlugin
- Run sandbox IDE for local debugging: ./gradlew runIde
- Full build: ./gradlew build
Known Limitations
- Current path search is DFS-based and may not show all parallel paths in dense graphs.
- Call graph is not yet persisted across sessions.
- Duplicate root/source nodes may create repeated paths in some results.
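To make the two search modes above (ROOT -> SINK path search and SINK-only reverse lookup) and the listed limitations concrete, here is an added example, not the plugin's own code, that runs both queries over a small constructed call graph. It enumerates every ROOT -> SINK path exhaustively and deduplicates repeated paths caused by duplicate edges, which is the behaviour the current DFS-based search does not yet guarantee. Method names, the graph and the sink set are all made up for illustration.

```python
from collections import defaultdict

# Constructed call graph: caller -> list of callees (sample data, not a real project).
# AdminController.restore deliberately has a duplicate edge to show repeated-path dedup.
CALL_GRAPH = {
    "UserController.upload": ["FileService.save", "AuditLog.write"],
    "AdminController.restore": ["FileService.save", "FileService.save"],
    "FileService.save": ["FileUtils.writeFile", "Paths.resolve"],
    "Paths.resolve": ["FileUtils.writeFile"],
    "FileUtils.writeFile": ["java.io.FileOutputStream.<init>"],
    "AuditLog.write": ["java.util.logging.Logger.info"],
}

# Constructed sink set (a file-write constructor stands in for a sink rule).
SINKS = {"java.io.FileOutputStream.<init>"}


def reverse_graph(graph):
    """Build callee -> callers index used by the SINK-only lookup."""
    rev = defaultdict(list)
    for caller, callees in graph.items():
        for callee in callees:
            rev[callee].append(caller)
    return rev


def find_paths(graph, root, sinks):
    """ROOT -> SINK search: exhaustive DFS, returns distinct paths as tuples."""
    paths = []

    def dfs(node, path):
        if node in sinks:
            paths.append(tuple(path))
            return
        for callee in graph.get(node, []):
            if callee not in path:          # avoid looping on recursive calls
                dfs(callee, path + [callee])

    dfs(root, [root])
    return sorted(set(paths))               # drop repeated paths from duplicate edges


def find_roots(graph, sink):
    """SINK-only reverse lookup: entry methods (no callers) that can reach the sink."""
    rev = reverse_graph(graph)
    roots, seen, stack = set(), set(), [sink]
    while stack:
        node = stack.pop()
        if node in seen:
            continue
        seen.add(node)
        callers = rev.get(node, [])
        if not callers and node != sink:
            roots.add(node)
        stack.extend(callers)
    return sorted(roots)
```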
Roadmap
- Improve path search completeness and graph model.
- Add call graph persistence and change monitoring.
- Deduplicate root/source nodes and repeated paths.
- Improve search-result highlighting and library JAR analysis workflow.
