init-py-test
Fix infinite loop issue
2018-02-01 13:10:16 -06:00
__init__.py
Fix infinite loop issue
2018-02-01 13:10:16 -06:00
assert.py
Adding a check for the use of Assert
2015-05-06 14:06:44 +01:00
binding.py
First test targeting Str nodes (binding to all interfaces)
2014-08-14 15:46:50 -07:00
cipher-modes.py
Check for insecure cipher modes
2015-10-08 23:16:38 -07:00
ciphers.py
Add Cryptodome to blacklist and weak ciphers/hash
2017-01-12 23:53:24 -08:00
crypto-md5.py
Add sha-1 to list of insecure hashes
2017-02-25 15:39:37 -08:00
eval.py
Update the config file, and use yaml.safe_load()
2015-03-12 17:11:46 -05:00
exec-as-root.py
Add ceilometer to rootwrap check
2015-02-26 10:19:26 -08:00
exec-py2.py
Clean up tests and examples for Python 3.4
2015-06-03 16:47:25 -05:00
exec-py3.py
Clean up tests and examples for Python 3.4
2015-06-03 16:47:25 -05:00
flask_debug.py
Add check for Flask app debug=True usage
2015-10-13 13:56:35 -04:00
ftplib.py
Add functional tests for B308, B321, and B402
2016-12-19 09:41:12 -08:00
hardcoded-passwords.py
Refactor check_example to be clearer on error
2017-02-23 19:01:46 -08:00
hardcoded-tmp.py
Making the /tmp file test more accurate
2015-10-07 15:51:28 +02:00
hashlib_new_insecure_functions.py
Plugin to flag insecure hash functions created using hashlib.new()
2017-09-28 21:50:27 -07:00
httplib_https.py
blacklist_calls: add Python3 and six versions of some functions
2015-11-06 18:04:44 +01:00
httpoxy_cgihandler.py
Add check for httpoxy vulnerability
2016-07-31 21:25:47 -07:00
httpoxy_twisted_directory.py
Add check for httpoxy vulnerability
2016-07-31 21:25:47 -07:00
httpoxy_twisted_script.py
Add check for httpoxy vulnerability
2016-07-31 21:25:47 -07:00
imports-aliases.py
Adding a test for partial paths in exec functions
2015-07-02 19:20:16 +01:00
imports-from.py
Fix relative imports and error handling
2014-07-17 11:52:33 -07:00
imports-function.py
[Trivialfix] Fix typos
2017-09-13 00:12:18 -07:00
imports-with-importlib.py
Add module loaded through importlib
2017-12-28 04:12:35 -06:00
imports.py
initial commit
2014-07-16 10:27:50 -07:00
input.py
Adding "input()" to the blacklist calls list
2016-09-20 11:19:43 +01:00
jinja2_templating.py
Do not flag new way of escaping in jinja2 plugin
2017-08-02 15:54:56 -07:00
mako_templating.py
Add mako templating plugin and XSS profile
2015-03-05 08:44:09 -08:00
mark_safe.py
Add functional tests for B308, B321, and B402
2016-12-19 09:41:12 -08:00
marshal_deserialize.py
Update example files to work on Python 2 & 3
2015-06-03 16:28:36 +00:00
mktemp.py
Support dynamic loading of tests
2014-07-17 11:23:57 -07:00
multiline_statement.py
Making the /tmp file test more accurate
2015-10-07 15:51:28 +02:00
new_candidates-all.py
Functional tests for baseline comparisons
2016-02-19 12:15:25 -06:00
new_candidates-none.py
Additional baseline candidate test coverage
2016-02-25 10:43:26 -06:00
new_candidates-nosec.py
Additional baseline candidate test coverage
2016-02-25 10:43:26 -06:00
new_candidates-some.py
Additional baseline candidate test coverage
2016-02-25 10:43:26 -06:00
nonsense2.py
Catch general exception on per-file basis
2016-04-13 09:39:21 -07:00
nonsense.py
Add support for skipping files
2014-07-17 12:10:18 -07:00
nosec.py
Allow precise #nosec placement
2016-01-08 10:06:22 +11:00
okay.py
Rework case where no findings are found
2014-07-25 11:20:20 -07:00
os_system.py
Adding a test for partial paths in exec functions
2015-07-02 19:20:16 +01:00
os-chmod-py2.py
bad_file_permissions check: Use correct filename
2015-09-04 14:58:49 -07:00
os-chmod-py3.py
Clean up tests and examples for Python 3.4
2015-06-03 16:47:25 -05:00
os-exec.py
Modify call_bad_names test to use regex and add to blacklist
2014-07-25 11:10:03 -07:00
os-popen.py
os.system et al. all spawn a shell so we should use the same logic
2015-11-11 14:29:17 +00:00
os-spawn.py
Modify call_bad_names test to use regex and add to blacklist
2014-07-25 11:10:03 -07:00
os-startfile.py
Adding a test for partial paths in exec functions
2015-07-02 19:20:16 +01:00
paramiko_injection.py
Some spelling errors need to be fixed
2016-08-04 05:31:32 +00:00
partial_path_process.py
Fixing partial path detection for Windows
2016-12-20 09:57:33 -08:00
pickle_deserialize.py
Update example files to work on Python 2 & 3
2015-06-03 16:28:36 +00:00
popen_wrappers.py
Adding a test for partial paths in exec functions
2015-07-02 19:20:16 +01:00
pycrypto.py
Fix false positives for pyCrypto
2018-02-18 21:26:48 -06:00
random_module.py
Fixing up random to be less noisy
2015-07-16 10:26:31 +01:00
requests-ssl-verify-disabled.py
Added missing HTTP verbs to the requests checks
2015-10-30 15:02:08 +09:00
secret-config-option.py
Some spelling errors need to be fixed
2016-08-04 05:31:32 +00:00
skip.py
Adding a test for partial paths in exec functions
2015-07-02 19:20:16 +01:00
sql_statements.py
Alter SQL injection plugin to consider .format strings
2017-01-22 13:59:24 +00:00
ssl-insecure-version.py
Remove the check for PROTOCOL_SSLv23
2015-02-12 11:33:26 -06:00
subprocess_shell.py
Remove checking for special characters in shells
2016-12-19 13:17:55 -08:00
telnetlib.py
Introduce wildcards to blacklist_calls plugin
2015-09-03 10:46:57 -07:00
try_except_continue.py
Added try_except_continue plugin
2016-03-24 12:09:12 -05:00
try_except_pass.py
Adding test for Try, Except, Pass
2015-07-14 13:12:01 +01:00
unverified_context.py
Blacklist call of ssl._create_unverified_context
2017-03-20 12:19:36 -07:00
urlopen.py
Some spelling errors need to be fixed
2016-08-04 05:31:32 +00:00
utils-shell.py
Adding a test for partial paths in exec functions
2015-07-02 19:20:16 +01:00
weak_cryptographic_key_sizes.py
Add Cryptodome to blacklist and weak ciphers/hash
2017-01-12 23:53:24 -08:00
wildcard-injection.py
Adding a test for partial paths in exec functions
2015-07-02 19:20:16 +01:00
xml_etree_celementtree.py
Update example files to work on Python 2 & 3
2015-06-03 16:28:36 +00:00
xml_etree_elementtree.py
Update example files to work on Python 2 & 3
2015-06-03 16:28:36 +00:00
xml_expatbuilder.py
Add XML vulnerability checking
2015-04-24 09:58:26 -07:00
xml_expatreader.py
Add XML vulnerability checking
2015-04-24 09:58:26 -07:00
xml_lxml.py
Add XML vulnerability checking
2015-04-24 09:58:26 -07:00
xml_minidom.py
Update example files to work on Python 2 & 3
2015-06-03 16:28:36 +00:00
xml_pulldom.py
Update example files to work on Python 2 & 3
2015-06-03 16:28:36 +00:00
xml_sax.py
Update example files to work on Python 2 & 3
2015-06-03 16:28:36 +00:00
xml_xmlrpc.py
Update example files to work on Python 2 & 3
2015-06-03 16:28:36 +00:00
yaml_load.py
Use qualname list to avoid false positive on load()
2016-10-06 16:18:07 -04:00