Package containing the various security checker modules.
| Checks | Package containing the various security checker modules. |
| assert | Module implementing a check for the use of 'assert'. |
| awsHardcodedPassword | Module implementing checks for potentially hardcoded AWS passwords. |
| blackListCalls | Module implementing checks for blacklisted methods and functions. |
| blackListImports | Module implementing checks for blacklisted imports. |
| certificateValidation | Module implementing checks for switched off certificate validation. |
| djangoSqlInjection | Module implementing checks for potential SQL injections risks. |
| djangoXssVulnerability | Module implementing checks for potential XSS vulnerability. |
| exec | Module implementing a check for the use of 'exec'. |
| flaskDebug | Module implementing checks for running a flask application with enabled debug. |
| generalBindAllInterfaces | Module implementing a check for binding to all interfaces. |
| generalFilePermissions | Module implementing a check for setting too permissive file permissions. |
| generalHardcodedPassword | Module implementing checks for potentially hardcoded passwords. |
| generalHardcodedTmp | Module implementing a check for insecure usage of tmp file/directory. |
| injectionParamiko | Module implementing a check for shell injection within Paramiko. |
| injectionShell | Module implementing a check for shell injection. |
| injectionSql | Module implementing a check for SQL injection. |
| injectionWildcard | Module implementing a check for use of wildcard injection. |
| insecureHashlibNew | Module implementing a check for use of insecure md4, md5, or sha1 hash functions in hashlib.new(). |
| insecureSslTls | Module implementing a check for use of SSL/TLS with insecure protocols. |
| jinja2Templates | Module implementing a check for not auto escaping in jinja2. |
| makoTemplates | Module implementing a check for use of mako templates. |
| sshNoHostKeyVerification | Module implementing a check for use of mako templates. |
| tryExcept | Module implementing checks for insecure except blocks. |
| weakCryptographicKey | Module implementing checks for weak cryptographic key use. |
| yamlLoad | Module implementing checks for the use of yaml load functions. |