{"id":13649650,"url":"https://github.com/gbleaney/python_security","last_synced_at":"2025-04-22T14:32:15.652Z","repository":{"id":96864715,"uuid":"351554925","full_name":"gbleaney/python_security","owner":"gbleaney","description":"This repository collects lists of security-relavent Python APIs, along with examples of exploits using those APIs","archived":false,"fork":false,"pushed_at":"2021-05-09T20:26:09.000Z","size":421,"stargazers_count":35,"open_issues_count":0,"forks_count":7,"subscribers_count":4,"default_branch":"main","last_synced_at":"2024-11-10T00:33:11.860Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/gbleaney.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2021-03-25T19:38:34.000Z","updated_at":"2024-10-01T14:39:14.000Z","dependencies_parsed_at":"2023-07-17T05:15:33.805Z","dependency_job_id":null,"html_url":"https://github.com/gbleaney/python_security","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gbleaney%2Fpython_security","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gbleaney%2Fpython_security/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gbleaney%2Fpython_security/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/gbleaney%2Fpython_security/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/gbleaney","download_url":"https://codeload.github.com/gbleaney/python_security/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":250259139,"owners_count":21401045,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-02T02:00:21.754Z","updated_at":"2025-04-22T14:32:10.639Z","avatar_url":"https://github.com/gbleaney.png","language":"Python","funding_links":[],"categories":["Uncategorized"],"sub_categories":["Firmware"],"readme":"# python_security\n\n## Overview\nThis repository collects lists of security-relavent Python APIs, along with examples of exploits using those APIs. Currently it only contains remote code/command execution libraries.\n\n## Usage\n\nTo work with the code in this repo, you must be in a virtual environment:\n\n```\n$ cd /path/to/python_security\n$ python3.8 -m venv venv\n$ source venv/bin/activate\n(venv) $ pip3.8 install -r requirements.txt\n```\n\n### Interactive Server\n\nYou can launch the server to interactively play with the examples:\n\n```\n(venv) $ FLASK_APP=webapp.app.py FLASK_ENV=development flask run -h localhost -p 2121\n```\n\nThis will let you generate payloads for arbitrary code, and run those payloads on your own machine.\n\n### JSON Formatted Data\n\nAll the vulnerable functions covered by this repository are available in machine-readable format in `sinks.json`. `sinks.json` can be regenerated by running `scripts/generate_sink_list.py`.\n\n### Testing\n\nWhen adding a new exploit, you can validate it by running the tests:\n```\n(venv) $ python3 -m unittest\n```\n## Contributing\n\nPRs are welcome. If you're looking for ideas, look at the \"Future Work\" section in `code_execution/README.md`. Before submitting an exploit, make sure to run the tests and include evidence of testing in the PR.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgbleaney%2Fpython_security","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fgbleaney%2Fpython_security","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fgbleaney%2Fpython_security/lists"}