A key component of the Real time Vulnerability Scanning using Cat.Net and Roslyn (SAST) PoC is the 'Real Time' part :)
The only way to achieve that type scanning speeds was to find a way to directly consume (i.e. access) Cat.Net scanning engine directly (i.e. in-process), instead of the command line (this will also be critical when we try to scan large projects, which will need to sliced, partially scanned and have its results glued/merged).
The document below shows how I did that and the evolution of the scripts.
Note that by these techniques, we have access to the entire Cat.Net scanning engine and can easily control its rules and execution workflow :)
In addition to the sheer fast-prototyping/development speed that we get with O2's REPL Scripting environment, one the key advantages of doing this type of development on top of the O2 Platform is the number of Static-Analysis-focused tools/APIs that already exists. For example note how I was able to easy consume/transform the Cat.Net findings into O2Findings (which can then be consumed/manipulated by the multiple O2Finding's viewers and tools)
asd