Does Sonar detect code hack which tries to steal db credentials and send by email or expose as an API?
Welcome to the community!
We offer static code analysis, including SAST.
In answer to your question, a “hack” is an action taken by users. We detect vulnerable points in your code which might allow a user to perpetrate a hack. You may be interested in our security-related rules.