Python Taint

Static analysis of Python web applications based on theoretical foundations (Control flow graphs, fixed point, dataflow analysis) Detect command injection, SSRF, SQL injection, XSS, directory traveral etc. A lot of customization is possible. For functions from builtins or libraries, e.g. url_for or os.path.join, use the -m option to specify whether or not they return tainted values given tainted inputs, by default this file is used.

Features

Virtual env setup guide
Detect command injection, SSRF, SQL injection, XSS, directory traveral etc.
A lot of customization possible
A Static Analysis Tool for Detecting Security Vulnerabilities
Detect vulnerabilities in Python Web Applications
Static analysis of Python web applications based on theoretical foundations

Project Samples

Project Activity

See All Activity >

License

GNU General Public License version 3.0 (GPLv3)

Follow Python Taint

Python Taint Web Site

Other Useful Business Software

Get the most trusted enterprise browser

Advanced built-in security helps IT prevent breaches before they happen

Defend against security incidents with Chrome Enterprise. Create customizable controls, manage extensions and set proactive alerts to keep your data and employees protected without slowing down productivity.

Download Chrome

Rate This Project

User Reviews

Be the first to post a review of Python Taint!

Additional Project Details

Programming Language

Python

Related Categories

Python Frameworks, Python Web Development Software

Registered

2022-11-09

Similar Business Software

FuzzDB

FuzzDB was created to increase the likelihood of finding application security vulnerabilities through dynamic application security testing. It's the first and most comprehensive open dictionary of fault injection patterns, predictable resource locations, and regex for matching server responses....

See Software
Spring Framework

Spring makes programming Java quicker, easier, and safer for everybody. Spring’s focus on speed, simplicity, and productivity has made it the world's most popular Java framework. Spring’s flexible libraries are trusted by developers all over the world. Spring delivers delightful experiences to...

See Software
Wfuzz

Wfuzz provides a framework to automate web application security assessments and could help you secure your web applications by finding and exploiting web application vulnerabilities. You can also run Wfuzz from the official Docker image. Wfuzz is based on the simple concept that it replaces any...

See Software
Parasoft

Parasoft helps organizations continuously deliver high-quality software with its AI-powered software testing platform and automated test solutions. Supporting embedded and enterprise markets, Parasoft’s proven technologies reduce the time, effort, and cost of delivering secure, reliable, and...

See Software
Aikido Security

Secure your code, cloud, and runtime in one central system. Aikido’s all-in-one security platform is loved by developers and security teams alike with full security visibility, insight in what matters most, and fast/automatic vulnerability fixes. Teams get security done with Aikido thanks...

See Software
Site24x7

ManageEngine Site24x7 is a comprehensive observability and monitoring solution designed to help organizations effectively manage their IT environments. It offers monitoring for back-end IT infrastructure deployed on-premises, in the cloud, in containers, and on virtual machines. It ensures a...

See Software

Report inappropriate content

Python Taint

Static Analysis Tool for Detecting Security Vulnerabilities in Python

Get an email when there's a new version of Python Taint

Features

Project Samples

Project Activity

Categories

License

Follow Python Taint

User Reviews

Additional Project Details

Programming Language

Related Categories

Registered