Python Taint v0.39 released: Static Analysis Tool for Detecting Security Vulnerabilities

in #web6 years ago

Python Taint

Static analysis of Python web applications based on theoretical foundations (Control flow graphs, fixed point, data flow analysis)This  report presents the static analysis too PyT which has been created to  detect security vulnerabilities in Python web applications, in  particular applications, built in the framework Flask.
The tool  utilizes the monotone framework for the analysis. An AST is built by the  builtin AST library, and a CFG is built from the AST. The resulting CFG  is then processed so Flask specific features are taken into account. A  modified version of the reaching definitions algorithm is now run by the  fixed-point algorithm to aid the finding of vulnerabilities.  Vulnerabilities are detected based on a definition file containing  ’trigger words’. A trigger word is a word that indicates where the flow  of the program can be dangerous. The detected vulnerabilities are in the  end reported to the developer.
PyT has been created with  flexibility in mind. The analysis can be either changed or extended so  the performance of PyT can be improved upon. Also, the Flask specific  processing can be changed so other frameworks can be analyzed without  major changes to PyT. In order to test the abilities of PyT, a number of  vulnerable applications were manufactured and PyT was evaluated with  these. All the manufactured examples were correctly identified as being  vulnerable by PyT.
To test PyT in a more realistic setting it was  also run on 7 open source projects. Here no vulnerabilities were found.  One of the projects was so big that PyT spent very long on the analysis  and was therefore terminated.

Features

  • Detect Command injection
  • Detect SQL injection
  • Detect XSS
  • Detect directory traversal
  • Get a control flow graph
  • Get a def-use and/or a use-def chain
  • Search GitHub and analyze hits with PyT
  • Scan intraprocedural or interprocedural
  • A lot of customization possible

Install

git clone https://github.com/python-security/pyt.git
python setup.py install
pyt -h



Sort:  

Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://securityonline.info/python-taint/

Congratulations @alanna27! You have completed the following achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of posts published

Click on the badge to view your Board of Honor.
If you no longer want to receive notifications, reply to this comment with the word STOP

Do not miss the last post from @steemitboard:
SteemitBoard and the Veterans on Steemit - The First Community Badge.

Do you like SteemitBoard's project? Then Vote for its witness and get one more award!

Congratulations @alanna27! You have completed the following achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of upvotes received

Click on the badge to view your Board of Honor.
If you no longer want to receive notifications, reply to this comment with the word STOP

Do not miss the last post from @steemitboard:
SteemitBoard and the Veterans on Steemit - The First Community Badge.

Do you like SteemitBoard's project? Then Vote for its witness and get one more award!

Congratulations @alanna27! You have completed the following achievement on Steemit and have been rewarded with new badge(s) :

Award for the number of upvotes received

Click on the badge to view your Board of Honor.
If you no longer want to receive notifications, reply to this comment with the word STOP

Do not miss the last post from @steemitboard:
SteemitBoard and the Veterans on Steemit - The First Community Badge.

Do you like SteemitBoard's project? Then Vote for its witness and get one more award!