Benchmarking and pentesting (BI, Hawkeye) + update requirements
Martin Heinz committed Mar 31, 2019
1 parent 019c277, commit 76f8f9f
Showing 8 changed files with 383 additions and 1,103 deletions.
360 changes: 0 additions & 360 deletions
benchmark/reports/blind_index/benchmark_20190327_094513.svg
This file was deleted.
360 changes: 0 additions & 360 deletions
benchmark/reports/blind_index/benchmark_20190327_095347.svg
This file was deleted.
360 changes: 0 additions & 360 deletions
benchmark/reports/blind_index/benchmark_20190327_095622.svg
This file was deleted.
360 changes: 360 additions & 0 deletions
benchmark/reports/blind_index/benchmark_20190331_092246.svg
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,44 +1,37 @@ | ||
[ | ||
{ | ||
"module": "files-secrets", | ||
"level": "medium", | ||
"offender": "attr_auth_populate.sql", | ||
"description": "SQL dump file", | ||
"mitigation": "Check contents of the file" | ||
}, | ||
{ | ||
"module": "files-secrets", | ||
"level": "medium", | ||
"offender": "populate.sql", | ||
"description": "SQL dump file", | ||
"mitigation": "Check contents of the file" | ||
}, | ||
{ | ||
"module": "python-bandit", | ||
"level": "medium", | ||
"offender": "./app/main.py lines 9", | ||
"offender": "./main.py lines 9", | ||
"description": "hardcoded_bind_all_interfaces B104", | ||
"mitigation": "Possible binding to all interfaces. Review the file and fix the issue." | ||
}, | ||
{ | ||
"module": "python-bandit", | ||
"level": "low", | ||
"offender": "./app/cli.py lines 2", | ||
"offender": "./cli.py lines 2", | ||
"description": "blacklist B404", | ||
"mitigation": "Consider possible security implications associated with subprocess module. Review the file and fix the issue." | ||
}, | ||
{ | ||
"module": "python-bandit", | ||
"level": "low", | ||
"offender": "./app/cli.py lines 14", | ||
"offender": "./cli.py lines 14", | ||
"description": "subprocess_without_shell_equals_true B603", | ||
"mitigation": "subprocess call - check for execution of untrusted input. Review the file and fix the issue." | ||
}, | ||
{ | ||
"module": "python-bandit", | ||
"level": "low", | ||
"offender": "./app/cli.py lines 14", | ||
"offender": "./cli.py lines 14", | ||
"description": "start_process_with_partial_path B607", | ||
"mitigation": "Starting a process with a partial executable path Review the file and fix the issue." | ||
}, | ||
{ | ||
"module": "python-piprot", | ||
"level": "high", | ||
"offender": "pytest", | ||
"description": "Module is one or more major versions out of date", | ||
"mitigation": "Upgrade to v4.3.1 (Current: v3.8.0)" | ||
} | ||
] |
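Review bot: The python-piprot entry at the end of this hunk still reports pytest at "Current: v3.8.0" against v4.3.1 with level "high", while the commit message says requirements are updated. Either bump pytest in this commit or regenerate the report after the bump, so the committed report matches the requirements it is meant to describe. The python-bandit entries only change their "offender" path from ./app/... to ./..., so the findings themselves are carried forward untriaged, including the medium B104 "hardcoded_bind_all_interfaces" at main.py line 9. If that bind is intentional, record the accepted-risk decision next to the report; otherwise make the bind address configurable. The same triage note is worth adding for B603/B607 at cli.py line 14, stating whether the subprocess arguments can carry untrusted input and whether the executable can be given by absolute path. The two "files-secrets" entries for attr_auth_populate.sql and populate.sql say only "Check contents of the file"; confirm those dumps contain no real credentials or personal data before they stay in the repository.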