From f1225f7b76f2a229117ca67432bddb7bae1961be Mon Sep 17 00:00:00 2001
From: htrgouvea
Date: Sat, 4 Jan 2025 11:43:20 +0300
Subject: [PATCH] new rule to detect the usage of rand() function

---
 rules/default.yml | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/rules/default.yml b/rules/default.yml
index 2ea2884..83e06e4 100644
--- a/rules/default.yml
+++ b/rules/default.yml
@@ -26,4 +26,10 @@ rules:
 name: Weak Criptography Algorithm
 message: Weak algorithms like MD5 are susceptible to various attacks and should be avoided in favor of stronger alternatives to ensure the security of sensitive data.
 sample:
- - md5
\ No newline at end of file
+ - md5
+ - id: '0005'
+ category: vuln
+ name: Weak Random Value Generator
+ message: Weak random value generators can lead to predictable values, which can be exploited by attackers to bypass security controls.
+ sample:
+ - rand
\ No newline at end of file
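Review bot: The message on new rule '0005' names neither the function it flags nor a replacement, so a finding on `rand` gives the developer little to act on. Something like `message: rand() is not cryptographically secure and its output can be predicted; use an OS-backed CSPRNG for tokens, session identifiers, passwords and keys.` would make the finding actionable. How `sample` entries are matched is not visible in this hunk. If the match is a substring or bare token, `rand` would presumably also hit identifiers such as `srand` or `operand`, as well as non-security uses like jitter or display shuffling, so confirm that the matcher anchors on the call itself. The file is also still left without a trailing newline.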