{"id":14866,"date":"2021-07-21T15:09:46","date_gmt":"2021-07-21T09:39:46","guid":{"rendered":"https:\/\/kalilinuxtutorials.com\/?p=14866"},"modified":"2021-07-21T15:09:46","modified_gmt":"2021-07-21T09:39:46","slug":"bughound","status":"publish","type":"post","link":"https:\/\/kalilinuxtutorials.com\/bughound\/","title":{"rendered":"Bughound : Static Code Analysis Tool Based On Elastic search"},"content":{"rendered":"\n<p><strong>Bughound <\/strong>is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana to get useful insights about the potential vulnerabilities in your code.<\/p>\n\n\n\n<p>Bughound has its own Elasticsearch and Kibana Docker image that is preconfigured with dashboards to give you a strong visualization for the findings.<\/p>\n\n\n\n<p>You can detect various types of vulnerabilities such as:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Command Injection.<\/li><li>XXE.<\/li><li>Unsafe Deserialization.<\/li><li>And more!<\/li><\/ul>\n\n\n\n<p>Bughound can analyze&nbsp;<code>PHP<\/code>&nbsp;and&nbsp;<code>JAVA<\/code>&nbsp;code for now, and it contains a group of unsafe functions for these languages.<\/p>\n\n\n\n<p>I will make sure to add more and more functions\/languages coverage with time, but for now the main focus is for the project stability itself.<\/p>\n\n\n\n<p><em><strong>Please note that Bughound results are not 100% accurate, it built to help you identify potential weaknesses during your analysis to investigate.<\/strong><\/em><\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>How It Works?<\/strong><\/p>\n\n\n\n<p>First of all, Bughound will build a list of all the files inside your project based on the extension of the files you want to audit, then it will read each file and try to find any pre-defined unsafe functions for your project&#8217;s language.<\/p>\n\n\n\n<p>The analysis phase depends on pre-configured regex and some custom text matching to detect the potential vulnerabilities, so again, you need to do the manual analysis so you can check if these findings are exploitable.<\/p>\n\n\n\n<p>Finally, it will send the results to the Bughound docker image which has a pre-configured Elasticsearch and Kibana that contain the customized dashboards for your findings.<\/p>\n\n\n\n<p>The dashboards will give you details about the findings such:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Function name.<\/li><li>Category of the vulnerability.<\/li><li>Line number.<\/li><li>And much more!<\/li><\/ul>\n\n\n\n<p>Also using Kibana, you will be able to view the potentially vulnerable code snippet to start doing your analysis and tracing phase to check if it&#8217;s exploitable or not.<\/p>\n\n\n\n<p>Of course, you can use your own ELK stack if you want, and Bughound will do the initial configuration for you, but you will not have the pre-configured dashboards in this case.<\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Requirements<\/strong><\/p>\n\n\n\n<p>You can install all the requirements to run Bughound code using the following command:<\/p>\n\n\n\n<p><code><strong>pip3 install -r requirements.txt<\/strong><\/code><\/p>\n\n\n\n<p>That will make sure all the requirements are installed for the code.<\/p>\n\n\n\n<p>Also, you need to&nbsp;<a href=\"https:\/\/docs.docker.com\/engine\/install\/\">i<\/a>nstall Docker&nbsp;in order to run the Bughound image, more regarding this in the next section!<\/p>\n\n\n\n<p><strong>If you want to use your own Elasticsearch and Kibana instances, skip the docker installation step<\/strong><\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Installation<\/strong><\/p>\n\n\n\n<p>Make sure to get the latest version of Bughound using the following command:<\/p>\n\n\n\n<p><code>git clone https:\/\/github.com\/mhaskar\/Bughound<\/code><\/p>\n\n\n\n<p>And after installing the requirements in the previous step you can run Bughound using the following command:<\/p>\n\n\n\n<p><code>.\/bughound.py<\/code><\/p>\n\n\n\n<p>You will get the main screen of Bughound.<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>\u250c\u2500[askar@hackbook]\u2500[\/opt\/bughound]<br>\u2514\u2500\u2500\u257c $.\/bughound.py<br><em>_ _ _<\/em> <em>_ <em>_ ._<\/em> . <em>_<\/em><br>|<\/em> \\ | | | | \/ <em>|| | | | \/ \\ | | | | | \\ | | | \\<br>| |) | | | | | | | _ | || | | | | | | | | | | | | | .&#8211;. | | _ &lt; | | | | | | |_ | | | | | | | | | | | | . <code>| | | | | | |_) | |<\/code>&#8211;&#8216; | | || | | | | | | <code>--' | |<\/code>&#8211;&#8216; | | |\\ | | &#8216;&#8211;&#8216; | |\/ _____<\/em>\/ ______| || || ______\/ ______\/ || __| |<em>\/<br>\\ \/<br>oVo<br>___XXX<\/em>\/<br>XXXXX<br>\/XXXXX\\<br>\/ XXX \\<br>V V1.0 Beta<br>[+] Example: .\/bughound3.py &#8211;path vulnerable_code\/ &#8211;language php &#8211;extension .php &#8211;name testproject<br>usage: bughound.py [-h] [&#8211;path PATH] [&#8211;git GIT] &#8211;language LANGUAGE<br>&#8211;extension EXTENSION &#8211;name NAME [&#8211;verbose [VERBOSE]]<br>bughound.py: error: argument &#8211;language is required<br>\u250c\u2500[\u2717]\u2500[askar@hackbook]\u2500[\/opt\/bughound]<br>\u2514\u2500\u2500\u257c $<\/strong><\/p>\n\n\n\n<p class=\"has-light-green-cyan-background-color has-background\"><strong>Docker image installation<\/strong><\/p>\n\n\n\n<p>To install the Bughound docker image, you can simply do the following:<\/p>\n\n\n\n<p><code><strong>docker pull bughound\/bughound<\/strong><\/code><\/p>\n\n\n\n<p>And that will pull the latest version of the image and save it to your machine.<\/p>\n\n\n\n<p>Once we pulled the image, we can run it using the following command:<\/p>\n\n\n\n<p><code><strong>docker run --name bughound -p5601:5601 -p 9200:9200 bughound\/bughound<\/strong><\/code><\/p>\n\n\n\n<p>That will run the image under a new container called&nbsp;<code>bughound<\/code>&nbsp;and expose the ports that are needed by Bughound to communicate Elasticsearch and Kibana to your host.<\/p>\n\n\n\n<p>You may need to increase the max virtual memory in order to use the image, so please make sure to run this command:<\/p>\n\n\n\n<p class=\"has-black-color has-white-background-color has-text-color has-background\"><code><strong>sysctl -w vm.max_map_count=262144<\/strong><\/code><\/p>\n\n\n\n<p>After getting two things done, you are ready now to use Bughound!<\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Usage<\/strong><\/p>\n\n\n\n<p>To start the analysis process for your code, you should use&nbsp;<code>Bughound.py<\/code>&nbsp;file which has some options, to see these options via the help banner, you can use the following command:<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><strong>\u250c\u2500[\u2717]\u2500[askar@hackbook]\u2500[\/opt\/bughound]<br>\u2514\u2500\u2500\u257c $.\/bughound.py -h<br>.<em>_ _ _<\/em> <em>_ <em>_ ._<\/em> . <em>_<\/em><br>|<\/em> \\ | | | | \/ <em>|| | | | \/ \\ | | | | | \\ | | | \\<br>| |) | | | | | | | _ | || | | | | | | | | | | | | | .&#8211;. | | _ &lt; | | | | | | |_ | | | | | | | | | | | | . <code>| | | | | | |_) | |<\/code>&#8211;&#8216; | | || | | | | | | <code>--' | |<\/code>&#8211;&#8216; | | |\\ | | &#8216;&#8211;&#8216; | |\/ _____<\/em>\/ ______| || || ______\/ ______\/ || __| |<em>\/<br>\\ \/<br>oVo<br>___XXX<\/em>\/<br>XXXXX<br>\/XXXXX\\<br>\/ XXX \\<br>V V1.0 Beta<br>[+] Example: .\/bughound3.py &#8211;path vulnerable_code\/ &#8211;language php &#8211;extension .php &#8211;name testproject<br>usage: bughound.py [-h] [&#8211;path PATH] [&#8211;git GIT] &#8211;language LANGUAGE<br>&#8211;extension EXTENSION &#8211;name NAME [&#8211;verbose [VERBOSE]]<br>Optional arguments:<br>-h, &#8211;help show this help message and exit<br>&#8211;path PATH local path of the source code<br>&#8211;git GIT git repository URL<br>&#8211;language LANGUAGE the used programming language<br>&#8211;extension EXTENSION<br>extension to search for<br>&#8211;name NAME project name to use<br>&#8211;verbose [VERBOSE] show debugging messages<br>\u250c\u2500[askar@hackbook]\u2500[\/opt\/bughound]<br>\u2514\u2500\u2500\u257c $<\/strong><\/p>\n\n\n\n<p class=\"has-text-align-left has-light-green-cyan-background-color has-background\"><strong>Scan Local Project<\/strong><\/p>\n\n\n\n<p>For example, to scan a local php project, you can use the following command:<\/p>\n\n\n\n<p class=\"has-vivid-green-cyan-color has-black-background-color has-text-color has-background\"><code><strong>.\/bughound.py --path \/opt\/dummyproject --language php --extension .php --name dummyproject<\/strong><\/code><\/p>\n\n\n\n<p>This command will create a new project called &#8220;dummyproject&#8221; in the Elasticsearch index, and crawl all the local files with the extension &#8220;.php&#8221; in the local path &#8220;\/opt\/dummyproject&#8221; and ship the results to Elasticsearch.<\/p>\n\n\n\n<p class=\"has-text-align-left has-light-green-cyan-background-color has-background\"><strong>Scan Remote Git Repository<\/strong><\/p>\n\n\n\n<p>Also, you can pull a remote project from git repository using&nbsp;<code>--git<\/code>&nbsp;switch like the following:<\/p>\n\n\n\n<p><code><strong>.\/bughound.py --git https:\/\/github.com\/DummyCode\/DummyProject --language php --extension .php --name dummyproject<\/strong><\/code><\/p>\n\n\n\n<p>Bughound will clone the code for you and save it in&nbsp;<code>projects<\/code>&nbsp;directory, then will scan it.<\/p>\n\n\n\n<p class=\"has-text-align-center has-vivid-green-cyan-background-color has-background\"><strong>Preconfigured Dashboards<\/strong><\/p>\n\n\n\n<p>If you decided to use the official Bughound docker image, you will get a couple of ready to use dashboards that will help you to do your analysis.<\/p>\n\n\n\n<p>The following dashboards are available so far:<\/p>\n\n\n\n<ul class=\"wp-block-list\"><li>Bughound main dashboard<\/li><li>Command injection dashboard<\/li><li>Deserialization dashboard<\/li><li>XXE dashboard<\/li><\/ul>\n\n\n\n<p>These dashboards will give you statistics about the functions and code snippets that was found in the code so you can start your analysis process.<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-block-buttons-is-layout-flex\">\n<div class=\"wp-block-button is-style-outline is-style-outline--1\"><a class=\"wp-block-button__link has-vivid-cyan-blue-background-color has-background\" href=\"https:\/\/github.com\/mhaskar\/Bughound\"><strong>Download<\/strong><\/a><\/div>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana to get useful insights about the potential vulnerabilities in your code. Bughound has its own Elasticsearch and Kibana Docker image that is preconfigured with dashboards to give you a strong visualization for the findings. You [&hellip;]<\/p>\n","protected":false},"author":4,"featured_media":16968,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png","fifu_image_alt":"Bughound : Static Code Analysis Tool Based On Elastic search","_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[28],"tags":[487,1016,3245],"class_list":["post-14866","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-kali","tag-bughound","tag-elasticsearch","tag-static-code"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.0 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Bughound : Static Code Analysis Tool Based On Elastic search<\/title>\n<meta name=\"description\" content=\"Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/kalilinuxtutorials.com\/bughound\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Bughound : Static Code Analysis Tool Based On Elastic search\" \/>\n<meta property=\"og:description\" content=\"Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/kalilinuxtutorials.com\/bughound\/\" \/>\n<meta property=\"og:site_name\" content=\"Kali Linux Tutorials\" \/>\n<meta property=\"article:published_time\" content=\"2021-07-21T09:39:46+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png\" \/>\n<meta name=\"author\" content=\"R K\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:image\" content=\"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png\" \/>\n<meta name=\"twitter:creator\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:site\" content=\"@CyberEdition\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"R K\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/bughound\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/bughound\/\"},\"author\":{\"name\":\"R K\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\"},\"headline\":\"Bughound : Static Code Analysis Tool Based On Elastic search\",\"datePublished\":\"2021-07-21T09:39:46+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/bughound\/\"},\"wordCount\":894,\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/bughound\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png\",\"keywords\":[\"Bughound\",\"Elasticsearch\",\"Static Code\"],\"articleSection\":[\"Kali Linux\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/bughound\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/bughound\/\",\"name\":\"Bughound : Static Code Analysis Tool Based On Elastic search\",\"isPartOf\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/bughound\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/bughound\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png\",\"datePublished\":\"2021-07-21T09:39:46+00:00\",\"description\":\"Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana.\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/kalilinuxtutorials.com\/bughound\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/bughound\/#primaryimage\",\"url\":\"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png\",\"contentUrl\":\"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png\"},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#website\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"name\":\"Kali Linux Tutorials\",\"description\":\"Kali Linux Tutorials\",\"publisher\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#organization\",\"name\":\"Kali Linux Tutorials\",\"url\":\"https:\/\/kalilinuxtutorials.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"contentUrl\":\"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png\",\"width\":272,\"height\":90,\"caption\":\"Kali Linux Tutorials\"},\"image\":{\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/CyberEdition\",\"https:\/\/www.threads.com\/@cybersecurityedition\",\"https:\/\/www.linkedin.com\/company\/cyberedition\",\"https:\/\/www.instagram.com\/cybersecurityedition\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad\",\"name\":\"R K\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g\",\"caption\":\"R K\"},\"url\":\"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Bughound : Static Code Analysis Tool Based On Elastic search","description":"Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/kalilinuxtutorials.com\/bughound\/","og_locale":"en_US","og_type":"article","og_title":"Bughound : Static Code Analysis Tool Based On Elastic search","og_description":"Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana.","og_url":"https:\/\/kalilinuxtutorials.com\/bughound\/","og_site_name":"Kali Linux Tutorials","article_published_time":"2021-07-21T09:39:46+00:00","og_image":[{"url":"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png","type":"","width":"","height":""}],"author":"R K","twitter_card":"summary_large_image","twitter_image":"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png","twitter_creator":"@CyberEdition","twitter_site":"@CyberEdition","twitter_misc":{"Written by":"R K","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/kalilinuxtutorials.com\/bughound\/#article","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/bughound\/"},"author":{"name":"R K","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad"},"headline":"Bughound : Static Code Analysis Tool Based On Elastic search","datePublished":"2021-07-21T09:39:46+00:00","mainEntityOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/bughound\/"},"wordCount":894,"publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/bughound\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png","keywords":["Bughound","Elasticsearch","Static Code"],"articleSection":["Kali Linux"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/kalilinuxtutorials.com\/bughound\/","url":"https:\/\/kalilinuxtutorials.com\/bughound\/","name":"Bughound : Static Code Analysis Tool Based On Elastic search","isPartOf":{"@id":"https:\/\/kalilinuxtutorials.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/kalilinuxtutorials.com\/bughound\/#primaryimage"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/bughound\/#primaryimage"},"thumbnailUrl":"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png","datePublished":"2021-07-21T09:39:46+00:00","description":"Bughound is an open-source static code analysis tool that analyzes your code and sends the results to Elasticsearch and Kibana.","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/kalilinuxtutorials.com\/bughound\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/bughound\/#primaryimage","url":"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png","contentUrl":"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png"},{"@type":"WebSite","@id":"https:\/\/kalilinuxtutorials.com\/#website","url":"https:\/\/kalilinuxtutorials.com\/","name":"Kali Linux Tutorials","description":"Kali Linux Tutorials","publisher":{"@id":"https:\/\/kalilinuxtutorials.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/kalilinuxtutorials.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/kalilinuxtutorials.com\/#organization","name":"Kali Linux Tutorials","url":"https:\/\/kalilinuxtutorials.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/","url":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","contentUrl":"https:\/\/kalilinuxtutorials.com\/wp-content\/uploads\/2025\/07\/Kali.png","width":272,"height":90,"caption":"Kali Linux Tutorials"},"image":{"@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/CyberEdition","https:\/\/www.threads.com\/@cybersecurityedition","https:\/\/www.linkedin.com\/company\/cyberedition","https:\/\/www.instagram.com\/cybersecurityedition\/"]},{"@type":"Person","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/69444b58b9e267a4cf08fceb34b6f6ad","name":"R K","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/kalilinuxtutorials.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d3937c9687f2da11bc0a716404ff91779fe19ca115208dbf66167ad353aca5aa?s=96&d=mm&r=g","caption":"R K"},"url":"https:\/\/kalilinuxtutorials.com\/author\/ranjith\/"}]}},"jetpack_featured_media_url":"https:\/\/1.bp.blogspot.com\/-bA9y5CUGF_Q\/YPOohdS4dAI\/AAAAAAAAKE8\/Q-jflAw9B08g0MyHH3gOZeoTBXDQNclMgCLcBGAsYHQ\/s517\/1%2B%25281%2529.png","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":15482,"url":"https:\/\/kalilinuxtutorials.com\/tsharkvm\/","url_meta":{"origin":14866,"position":0},"title":"TsharkVM : Tshark + ELK Analytics Virtual Machine","author":"R K","date":"September 8, 2021","format":false,"excerpt":"tsharkVM, this project builds virtual machine which can be used for analytics of tshark -T ek (ndjson) output. The virtual appliance is built using vagrant, which builds Debian 10 with pre-installed and pre-configured ELK stack. After the VM is up, the process is simple: decoded pcaps (tshark -T ek output\u00a0\/\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/1.bp.blogspot.com\/-dC8Jn6UjMKI\/YScmTH_CS4I\/AAAAAAAAKkw\/u5aaSS5-74ALSO32eeM0q7--ybrq0_jbACLcBGAsYHQ\/s728\/open-sesame%25281%2529%2B%25281%2529.png?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/1.bp.blogspot.com\/-dC8Jn6UjMKI\/YScmTH_CS4I\/AAAAAAAAKkw\/u5aaSS5-74ALSO32eeM0q7--ybrq0_jbACLcBGAsYHQ\/s728\/open-sesame%25281%2529%2B%25281%2529.png?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/1.bp.blogspot.com\/-dC8Jn6UjMKI\/YScmTH_CS4I\/AAAAAAAAKkw\/u5aaSS5-74ALSO32eeM0q7--ybrq0_jbACLcBGAsYHQ\/s728\/open-sesame%25281%2529%2B%25281%2529.png?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/1.bp.blogspot.com\/-dC8Jn6UjMKI\/YScmTH_CS4I\/AAAAAAAAKkw\/u5aaSS5-74ALSO32eeM0q7--ybrq0_jbACLcBGAsYHQ\/s728\/open-sesame%25281%2529%2B%25281%2529.png?resize=700%2C400&ssl=1 2x"},"classes":[]},{"id":17450,"url":"https:\/\/kalilinuxtutorials.com\/tsharkvm-2\/","url_meta":{"origin":14866,"position":1},"title":"TSharkVM : TShark + ELK Analytics Virtual Machine","author":"R K","date":"August 7, 2021","format":false,"excerpt":"tsharkVM, this project builds virtual machine which can be used for analytics of tshark -T ek (ndjson) output. The virtual appliance is built using vagrant, which builds Debian 10 with pre-installed and pre-configured ELK stack. After the VM is up, the process is simple: decoded pcaps (tshark -T ek output\u00a0\/\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":30908,"url":"https:\/\/kalilinuxtutorials.com\/the-elastic-container-project\/","url_meta":{"origin":14866,"position":2},"title":"The Elastic Container Project &#8211; Streamlining Security Research With A Quick Setup Guide","author":"Varshini","date":"October 17, 2023","format":false,"excerpt":"Stand up a 100% containerized Elastic stack, TLS secured, with Elasticsearch, Kibana, Fleet, and the Detection Engine all pre-configured, enabled and ready to use, within minutes. If you're interested in more details regarding this project and what to do once you have it running, check out our\u00a0blog post\u00a0on the Elastic\u2026","rel":"","context":"In &quot;Cyber security&quot;","block_context":{"text":"Cyber security","link":"https:\/\/kalilinuxtutorials.com\/category\/cyber-security\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh4xDMgmlrl_6BYb5KeP7OoXQdvXJC07oI7ewP8Bsx-7Ly97ZqaVSj6NmAHd0RgexpVFo2PyXvjoLtEJIAFo-umFX8_G0N2694grvPpr_w4FvtMw6_Ov16jo0qCKdaD7GwwMmT3nDgNC4zI2KZj_qnnr1t9tlV8MVj2iTr0g6Oht5sYzzOvjlgVANswfUok\/s16000\/Untitled%20design%20%2831%29.webp?resize=350%2C200&ssl=1","width":350,"height":200,"srcset":"https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh4xDMgmlrl_6BYb5KeP7OoXQdvXJC07oI7ewP8Bsx-7Ly97ZqaVSj6NmAHd0RgexpVFo2PyXvjoLtEJIAFo-umFX8_G0N2694grvPpr_w4FvtMw6_Ov16jo0qCKdaD7GwwMmT3nDgNC4zI2KZj_qnnr1t9tlV8MVj2iTr0g6Oht5sYzzOvjlgVANswfUok\/s16000\/Untitled%20design%20%2831%29.webp?resize=350%2C200&ssl=1 1x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh4xDMgmlrl_6BYb5KeP7OoXQdvXJC07oI7ewP8Bsx-7Ly97ZqaVSj6NmAHd0RgexpVFo2PyXvjoLtEJIAFo-umFX8_G0N2694grvPpr_w4FvtMw6_Ov16jo0qCKdaD7GwwMmT3nDgNC4zI2KZj_qnnr1t9tlV8MVj2iTr0g6Oht5sYzzOvjlgVANswfUok\/s16000\/Untitled%20design%20%2831%29.webp?resize=525%2C300&ssl=1 1.5x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh4xDMgmlrl_6BYb5KeP7OoXQdvXJC07oI7ewP8Bsx-7Ly97ZqaVSj6NmAHd0RgexpVFo2PyXvjoLtEJIAFo-umFX8_G0N2694grvPpr_w4FvtMw6_Ov16jo0qCKdaD7GwwMmT3nDgNC4zI2KZj_qnnr1t9tlV8MVj2iTr0g6Oht5sYzzOvjlgVANswfUok\/s16000\/Untitled%20design%20%2831%29.webp?resize=700%2C400&ssl=1 2x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh4xDMgmlrl_6BYb5KeP7OoXQdvXJC07oI7ewP8Bsx-7Ly97ZqaVSj6NmAHd0RgexpVFo2PyXvjoLtEJIAFo-umFX8_G0N2694grvPpr_w4FvtMw6_Ov16jo0qCKdaD7GwwMmT3nDgNC4zI2KZj_qnnr1t9tlV8MVj2iTr0g6Oht5sYzzOvjlgVANswfUok\/s16000\/Untitled%20design%20%2831%29.webp?resize=1050%2C600&ssl=1 3x, https:\/\/i0.wp.com\/blogger.googleusercontent.com\/img\/b\/R29vZ2xl\/AVvXsEh4xDMgmlrl_6BYb5KeP7OoXQdvXJC07oI7ewP8Bsx-7Ly97ZqaVSj6NmAHd0RgexpVFo2PyXvjoLtEJIAFo-umFX8_G0N2694grvPpr_w4FvtMw6_Ov16jo0qCKdaD7GwwMmT3nDgNC4zI2KZj_qnnr1t9tlV8MVj2iTr0g6Oht5sYzzOvjlgVANswfUok\/s16000\/Untitled%20design%20%2831%29.webp?resize=1400%2C800&ssl=1 4x"},"classes":[]},{"id":7702,"url":"https:\/\/kalilinuxtutorials.com\/dsiem-security-event-correlation-engine-elk-stack\/","url_meta":{"origin":14866,"position":3},"title":"Dsiem : Security Event Correlation Engine For ELK Stack","author":"R K","date":"December 16, 2019","format":false,"excerpt":"Dsiem is a security event correlation engine for ELK stack, allowing the platform to be used as a dedicated and full-featured SIEM system. It provides OSSIM-style correlation for normalized logs\/events, perform lookup\/query to threat intelligence and vulnerability information sources, and produces risk-adjusted alarms. Features Runs in standalone or clustered mode\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":5962,"url":"https:\/\/kalilinuxtutorials.com\/vulnwhisperer-create-actionable-data-from-your-vulnerability-scans\/","url_meta":{"origin":14866,"position":4},"title":"VulnWhisperer : Create Actionable Data From Your Vulnerability Scans","author":"R K","date":"July 29, 2019","format":false,"excerpt":"VulnWhisperer is a vulnerability management tool and report aggregator. VulnWhisperer will pull all the reports from the different Vulnerability scanners and create a file with a unique filename for each one, using that data later to sync with Jira and feed Logstash. Jira does a closed cycle full Sync with\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/i0.wp.com\/img.youtube.com\/vi\/zrEuTtRUfNw\/0.jpg?resize=350%2C200","width":350,"height":200},"classes":[]},{"id":21586,"url":"https:\/\/kalilinuxtutorials.com\/smbeagle\/","url_meta":{"origin":14866,"position":5},"title":"SMBeagle : Fileshare Auditing Tool That Hunts Out All Files It Can See In The Network And Reports If The File Can Be Read And\/Or Written","author":"R K","date":"February 7, 2022","format":false,"excerpt":"SMBeagle is an (SMB) file share auditing tool that hunts out all files it can see in the network and reports if the file can be read and\/or written. All these findings are streamed out to either a CSV file or an elastic search host, or both!?\u00a0 SMBeagle tries to\u2026","rel":"","context":"In &quot;Kali Linux&quot;","block_context":{"text":"Kali Linux","link":"https:\/\/kalilinuxtutorials.com\/category\/kali\/"},"img":{"alt_text":"","src":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEjBe9HJbVaahleq-O5j9FNL924krUiQrwPI2RO0V86XgQvxq0hg3BqVSQDvfQ3EYfNIJHNuijhhFLsNxyEawSTqPdILVANencnZvzEFeC30TQpS7ECfdZdeGCnEzc5i3pHlVh_45VU6EP7o_d-l9AwOYg0kk-BLBWtOI8qgeKHVVU7CtOjHlEJa9dSv=s1114","width":350,"height":200,"srcset":"https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEjBe9HJbVaahleq-O5j9FNL924krUiQrwPI2RO0V86XgQvxq0hg3BqVSQDvfQ3EYfNIJHNuijhhFLsNxyEawSTqPdILVANencnZvzEFeC30TQpS7ECfdZdeGCnEzc5i3pHlVh_45VU6EP7o_d-l9AwOYg0kk-BLBWtOI8qgeKHVVU7CtOjHlEJa9dSv=s1114 1x, https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEjBe9HJbVaahleq-O5j9FNL924krUiQrwPI2RO0V86XgQvxq0hg3BqVSQDvfQ3EYfNIJHNuijhhFLsNxyEawSTqPdILVANencnZvzEFeC30TQpS7ECfdZdeGCnEzc5i3pHlVh_45VU6EP7o_d-l9AwOYg0kk-BLBWtOI8qgeKHVVU7CtOjHlEJa9dSv=s1114 1.5x, https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEjBe9HJbVaahleq-O5j9FNL924krUiQrwPI2RO0V86XgQvxq0hg3BqVSQDvfQ3EYfNIJHNuijhhFLsNxyEawSTqPdILVANencnZvzEFeC30TQpS7ECfdZdeGCnEzc5i3pHlVh_45VU6EP7o_d-l9AwOYg0kk-BLBWtOI8qgeKHVVU7CtOjHlEJa9dSv=s1114 2x, https:\/\/blogger.googleusercontent.com\/img\/a\/AVvXsEjBe9HJbVaahleq-O5j9FNL924krUiQrwPI2RO0V86XgQvxq0hg3BqVSQDvfQ3EYfNIJHNuijhhFLsNxyEawSTqPdILVANencnZvzEFeC30TQpS7ECfdZdeGCnEzc5i3pHlVh_45VU6EP7o_d-l9AwOYg0kk-BLBWtOI8qgeKHVVU7CtOjHlEJa9dSv=s1114 3x"},"classes":[]}],"_links":{"self":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/14866","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/comments?post=14866"}],"version-history":[{"count":0,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/posts\/14866\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media\/16968"}],"wp:attachment":[{"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/media?parent=14866"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/categories?post=14866"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kalilinuxtutorials.com\/wp-json\/wp\/v2\/tags?post=14866"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}