Last active: December 26, 2018 19:43
Python Security Vulnerability Egrep
# this command will return places where the application shells out or dynamically executes code:
grep -rE --include "*.py" -e "exec\(|eval\(|subprocess|popen" .
# DJANGO: find places where HTML encoding is turned off via the "safe" template filter
# (plain grep, so "|" is matched literally rather than read as alternation):
grep -r --include "*.py" --include "*.html" -e "|safe" .
# DJANGO: find places where raw SQL queries are executed (.raw() / cursor.execute()):
grep -rE --include "*.py" -e "\.(raw|execute)\(" .
# Non-zero values indicate that some sort of CSRF protection is probably enabled.
# run without "| wc -l" to list CSRF-enabled endpoints and compare that list
# against all endpoints (-i gives the case-insensitive match; "(?i)" is not valid ERE syntax)
grep -ri "csrf" . | wc -l
# returns database connection objects. look for hardcoded credentials near these
# (the bare "connect(" alternative is noisy and will also match socket and HTTP calls)
grep -rE --include "*.py" -e "(MySQLdb\.connect|MySQLDatabase|psycopg2\.connect|sqlalchemy\.create_engine|MongoClient|connect)\(" .
# returns hardcoded credentials (string literals assigned to credential-looking names)
grep -rE --include "*.py" -e "(user|username|pass|password)\s*=\s*\".*\"" .
# returns hardcoded port ("\d" is not portable in ERE; use a bracket expression)
grep -rE --include "*.py" -e "port\s*=\s*[0-9]+" .
# returns crypto operations (review for weak algorithms such as DES, MD5 and SHA-1)
grep -rE --include "*.py" -e "(DES|AES|Crypto|Cipher|hashlib|Random|md5|sha1|sha256|sha512)" .
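The greps above match on text alone, so "subprocess" flags every import and "connect(" every socket call. As an added example that is not part of the gist, the script below applies the same checks (dynamic execution, shelling out, hardcoded credentials and ports) on Python's parsed AST, so that only real calls and literal assignments are reported; the module it scans is a constructed sample, and the name lists are assumptions chosen to mirror the grep patterns.

```python
import ast
from typing import List, Tuple

# Constructed sample source (not from the gist) exercising the patterns the greps target.
SAMPLE = '''import subprocess
password = "hunter2"
port = 5432
def run(cmd):
    return subprocess.Popen(cmd, shell=True)
def calc(expr):
    return eval(expr)
def safe_run(args):
    return subprocess.run(args, check=True)
'''

DANGEROUS_CALLS = {"eval", "exec", "compile", "__import__"}
CRED_NAMES = {"user", "username", "pass", "password", "secret", "token", "api_key"}
SHELL_FUNCS = {"os.system", "os.popen"}  # always a shell; subprocess.* only with shell=True

def _dotted(node: ast.AST) -> str:
    """Dotted callee name ('subprocess.Popen', 'eval'); '' for non-name callees."""
    if isinstance(node, ast.Name):
        return node.id
    if isinstance(node, ast.Attribute):
        base = _dotted(node.value)
        return f"{base}.{node.attr}" if base else node.attr
    return ""

def scan_source(src: str, filename: str = "<string>") -> List[Tuple[int, str, str]]:
    """Return (line, category, detail) findings for one module, sorted by line."""
    findings = []
    for node in ast.walk(ast.parse(src, filename)):
        if isinstance(node, ast.Call):
            name = _dotted(node.func)
            shell = any(k.arg == "shell" and isinstance(k.value, ast.Constant)
                        and k.value.value is True for k in node.keywords)
            if name in DANGEROUS_CALLS:
                findings.append((node.lineno, "dynamic-exec", name))
            elif name in SHELL_FUNCS or (name.startswith("subprocess.") and shell):
                findings.append((node.lineno, "shell-out", name))
        elif isinstance(node, ast.Assign) and isinstance(node.value, ast.Constant):
            val = node.value.value
            for t in (t for t in node.targets if isinstance(t, ast.Name)):
                lname = t.id.lower()
                if lname in CRED_NAMES and isinstance(val, str) and val:
                    findings.append((node.lineno, "hardcoded-credential", t.id))
                elif lname == "port" and type(val) is int:
                    findings.append((node.lineno, "hardcoded-port", f"{t.id}={val}"))
    return sorted(findings)
```

Running scan_source(SAMPLE) reports the password, the port, the shell=True Popen and the eval, but not the argument-list subprocess.run call that the plain "subprocess" grep would also flag.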