.. |
assert.py
|
Adding a check for the use of Assert
|
2015-05-06 14:06:44 +01:00 |
binding.py
|
First test targeting Str nodes (binding to all interfaces)
|
2014-08-14 15:46:50 -07:00 |
cipher-modes.py
|
Check for insecure cipher modes
|
2015-10-08 23:16:38 -07:00 |
ciphers.py
|
Add known weak ciphers to blacklisted calls
|
2015-09-04 13:09:27 -07:00 |
crypto-md5.py
|
Add other known weak MD hash modules
|
2015-08-09 02:43:37 -07:00 |
eval.py
|
Update the config file, and use yaml.safe_load()
|
2015-03-12 17:11:46 -05:00 |
exec-as-root.py
|
Add ceilometer to rootwrap check
|
2015-02-26 10:19:26 -08:00 |
exec-py2.py
|
Clean up tests and examples for Python 3.4
|
2015-06-03 16:47:25 -05:00 |
exec-py3.py
|
Clean up tests and examples for Python 3.4
|
2015-06-03 16:47:25 -05:00 |
flask_debug.py
|
Add check for Flask app debug=True usage
|
2015-10-13 13:56:35 -04:00 |
hardcoded-passwords.py
|
Fixing bug when encountering tuple params
|
2015-11-11 11:32:46 +00:00 |
hardcoded-tmp.py
|
Making the /tmp file test more accurate
|
2015-10-07 15:51:28 +02:00 |
httplib_https.py
|
blacklist_calls: add Python3 and six versions of some functions
|
2015-11-06 18:04:44 +01:00 |
httpoxy_cgihandler.py
|
Add check for httpoxy vulnerability
|
2016-07-31 21:25:47 -07:00 |
httpoxy_twisted_directory.py
|
Add check for httpoxy vulnerability
|
2016-07-31 21:25:47 -07:00 |
httpoxy_twisted_script.py
|
Add check for httpoxy vulnerability
|
2016-07-31 21:25:47 -07:00 |
imports-aliases.py
|
Adding a test for partial paths in exec functions
|
2015-07-02 19:20:16 +01:00 |
imports-from.py
|
Fix relative imports and error handling
|
2014-07-17 11:52:33 -07:00 |
imports-function.py
|
Fixing a bug and cleaning up in blacklisting code
|
2016-01-21 15:29:21 +00:00 |
imports.py
|
initial commit
|
2014-07-16 10:27:50 -07:00 |
input.py
|
Adding "input()" to the blacklist calls list
|
2016-09-20 11:19:43 +01:00 |
jinja2_templating.py
|
Update jinja2 plugin to be more accurate
|
2015-02-23 17:42:58 -08:00 |
mako_templating.py
|
Add mako templating plugin and XSS profile
|
2015-03-05 08:44:09 -08:00 |
marshal_deserialize.py
|
Update example files to work on Python 2 & 3
|
2015-06-03 16:28:36 +00:00 |
mktemp.py
|
Support dynamic loading of tests
|
2014-07-17 11:23:57 -07:00 |
multiline_statement.py
|
Making the /tmp file test more accurate
|
2015-10-07 15:51:28 +02:00 |
new_candidates-all.py
|
Functional tests for baseline comparisons
|
2016-02-19 12:15:25 -06:00 |
new_candidates-none.py
|
Additional baseline candidate test coverage
|
2016-02-25 10:43:26 -06:00 |
new_candidates-nosec.py
|
Additional baseline candidate test coverage
|
2016-02-25 10:43:26 -06:00 |
new_candidates-some.py
|
Additional baseline candidate test coverage
|
2016-02-25 10:43:26 -06:00 |
nonsense2.py
|
Catch general exception on per-file basis
|
2016-04-13 09:39:21 -07:00 |
nonsense.py
|
Add support for skipping files
|
2014-07-17 12:10:18 -07:00 |
nosec.py
|
Allow precise #nosec placement
|
2016-01-08 10:06:22 +11:00 |
okay.py
|
Rework case where no findings are found
|
2014-07-25 11:20:20 -07:00 |
os_system.py
|
Adding a test for partial paths in exec functions
|
2015-07-02 19:20:16 +01:00 |
os-chmod-py2.py
|
bad_file_permissions check: Use correct filename
|
2015-09-04 14:58:49 -07:00 |
os-chmod-py3.py
|
Clean up tests and examples for Python 3.4
|
2015-06-03 16:47:25 -05:00 |
os-exec.py
|
Modify call_bad_names test to use regex and add to blacklist
|
2014-07-25 11:10:03 -07:00 |
os-popen.py
|
os.system et al. all spawn a shell so we should use the same logic
|
2015-11-11 14:29:17 +00:00 |
os-spawn.py
|
Modify call_bad_names test to use regex and add to blacklist
|
2014-07-25 11:10:03 -07:00 |
os-startfile.py
|
Adding a test for partial paths in exec functions
|
2015-07-02 19:20:16 +01:00 |
paramiko_injection.py
|
Some spelling error need to be fixed
|
2016-08-04 05:31:32 +00:00 |
partial_path_process.py
|
Adding a test for partial paths in exec functions
|
2015-07-02 19:20:16 +01:00 |
pickle_deserialize.py
|
Update example files to work on Python 2 & 3
|
2015-06-03 16:28:36 +00:00 |
popen_wrappers.py
|
Adding a test for partial paths in exec functions
|
2015-07-02 19:20:16 +01:00 |
random_module.py
|
Fixing up random to be less noisy
|
2015-07-16 10:26:31 +01:00 |
requests-ssl-verify-disabled.py
|
Added missing HTTP verbs to the requests checks
|
2015-10-30 15:02:08 +09:00 |
secret-config-option.py
|
Some spelling error need to be fixed
|
2016-08-04 05:31:32 +00:00 |
skip.py
|
Adding a test for partial paths in exec functions
|
2015-07-02 19:20:16 +01:00 |
sql_statements.py
|
Bug fix for SQL tests
|
2015-08-03 14:03:57 +01:00 |
ssl-insecure-version.py
|
Remove the check for PROTOCOL_SSLv23
|
2015-02-12 11:33:26 -06:00 |
subprocess_shell.py
|
Test for bug 1513091
|
2015-11-05 16:47:51 +11:00 |
telnetlib.py
|
Introduce wildcards to blacklist_calls plugin
|
2015-09-03 10:46:57 -07:00 |
try_except_continue.py
|
Added try_except_continue plugin
|
2016-03-24 12:09:12 -05:00 |
try_except_pass.py
|
Adding test for Try, Except, Pass
|
2015-07-14 13:12:01 +01:00 |
urlopen.py
|
Some spelling error need to be fixed
|
2016-08-04 05:31:32 +00:00 |
utils-shell.py
|
Adding a test for partial paths in exec functions
|
2015-07-02 19:20:16 +01:00 |
weak_cryptographic_key_sizes.py
|
Skip key checks where size is not constant
|
2016-08-15 16:43:13 +10:00 |
wildcard-injection.py
|
Adding a test for partial paths in exec functions
|
2015-07-02 19:20:16 +01:00 |
xml_etree_celementtree.py
|
Update example files to work on Python 2 & 3
|
2015-06-03 16:28:36 +00:00 |
xml_etree_elementtree.py
|
Update example files to work on Python 2 & 3
|
2015-06-03 16:28:36 +00:00 |
xml_expatbuilder.py
|
Add XML vulnerability checking
|
2015-04-24 09:58:26 -07:00 |
xml_expatreader.py
|
Add XML vulnerability checking
|
2015-04-24 09:58:26 -07:00 |
xml_lxml.py
|
Add XML vulnerability checking
|
2015-04-24 09:58:26 -07:00 |
xml_minidom.py
|
Update example files to work on Python 2 & 3
|
2015-06-03 16:28:36 +00:00 |
xml_pulldom.py
|
Update example files to work on Python 2 & 3
|
2015-06-03 16:28:36 +00:00 |
xml_sax.py
|
Update example files to work on Python 2 & 3
|
2015-06-03 16:28:36 +00:00 |
xml_xmlrpc.py
|
Update example files to work on Python 2 & 3
|
2015-06-03 16:28:36 +00:00 |
yaml_load.py
|
Split yaml blacklist check into its own file
|
2016-01-14 15:46:04 -06:00 |