https://github.com/boloto1979/code-sentinel
The project is a Python Code Sentinel that scans code files for potential security vulnerabilities. The goal is to identify suspicious patterns in the code that could indicate the presence of vulnerabilities.
csrf cybersecurity python sql sqlinjection ssrf xss xss-vulnerability
Last synced: 12 months ago
- Host: GitHub
- URL: https://github.com/boloto1979/code-sentinel
- Owner: boloto1979
- License: mit
- Created: 2023-05-04T11:18:12.000Z (almost 3 years ago)
- Default Branch: main
- Last Pushed: 2023-12-24T02:10:43.000Z (over 2 years ago)
- Last Synced: 2025-03-25T11:49:23.404Z (about 1 year ago)
- Topics: csrf, cybersecurity, python, sql, sqlinjection, ssrf, xss, xss-vulnerability
- Language: Python
- Homepage:
- Size: 61.4 MB
- Stars: 7
- Watchers: 1
- Forks: 0
- Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE.md
README
# Code Sentinel

Code Sentinel is a Python application that analyzes code files for vulnerabilities. It helps identify potential security issues such as code injection, cross-site scripting (XSS), SQL injection, CSRF (Cross-Site Request Forgery), SSRF (Server-Side Request Forgery), LFI (Local File Inclusion) and RFI (Remote File Inclusion).
## Features
- Supports various programming languages including Python, Java, JavaScript, C, C++, Ruby, HTML, and PHP.
- Analyzes code files for vulnerabilities.
- Displays vulnerability details including type, pattern, and line number.
- Provides a user-friendly graphical interface for file selection and displaying results.
## Installation
To use Code Sentinel, follow the steps below:
1. Clone the repository:
```
git clone https://github.com/boloto1979/Code-Sentinel.git
```
2. Install the required dependencies:
```
pip install -r requirements.txt
```
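```
# Pillow and ttkthemes are the third-party packages used by the GUI.
# re and tkinter are part of Python's standard library and are not installed
# with pip (on some Linux distributions tkinter comes from the OS package manager).
pip install Pillow
pip install ttkthemes
```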
## Usage
To run Code Sentinel, execute the following command:
```
python3 CodeSentinel.py
```
The Code Sentinel window will appear, allowing you to perform the following actions:
- Click the "Anexar Arquivo" (Attach File) button to select a code file for analysis.
- Once the file is selected, Code Sentinel will analyze it for vulnerabilities.
- If vulnerabilities are found, they will be displayed in the application window, showing the type, pattern, and line number of each vulnerability.
- If no vulnerabilities are found, a message indicating this will be displayed.
Please note that Code Sentinel supports the following file extensions: `.py`, `.java`, `.js`, `.c`, `.cpp`, `.html`, and `.php`.
## Vulnerability Detection
Code Sentinel detects the following types of vulnerabilities:
- Code Injection: It searches for patterns such as `eval(`, `exec(`, `os.system(`, `subprocess.run(`, `$(`, and `.*` in the code.
- XSS (Cross-Site Scripting): It looks for patterns like ... and .
- SQL Injection: It identifies patterns such as `SELECT *`, `DROP TABLE`, and `DELETE FROM` in the code (case-insensitive).
- CSRF (Cross-Site Request Forgery).
- SSRF (Server-Side Request Forgery).
- LFI (Local File Inclusion) and RFI (Remote File Inclusion).
Please note that the CSRF and SSRF vulnerability detections are not yet implemented in the current version of Code Sentinel.
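The line-by-line pattern matching described above, as an added example that is not Code Sentinel's own code: it uses only the literal code-injection and SQL-injection patterns listed in this README (the XSS patterns and `.*` are left out), and the names `Finding`, `RULES`, `scan` and the sample input are assumptions. The constructed sample shows what this kind of matching reports (including a comment and a constant query) and what it misses (a concatenated query without `SELECT *`).

```python
import re
from typing import List, NamedTuple


class Finding(NamedTuple):
    vuln_type: str
    pattern: str
    line_no: int


# Literal patterns copied from the README list; flags follow its description
# (SQL patterns are matched case-insensitively).
RULES = {
    "Code Injection": (["eval(", "exec(", "os.system(", "subprocess.run(", "$("], 0),
    "SQL Injection": (["SELECT *", "DROP TABLE", "DELETE FROM"], re.IGNORECASE),
}

# re.escape() makes "(" and "*" match literally instead of acting as regex syntax.
COMPILED = [
    (vuln_type, literal, re.compile(re.escape(literal), flags))
    for vuln_type, (literals, flags) in RULES.items()
    for literal in literals
]


def scan(source: str) -> List[Finding]:
    """Return one finding per (line, pattern) match: type, pattern, line number."""
    findings = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        for vuln_type, literal, regex in COMPILED:
            if regex.search(line):
                findings.append(Finding(vuln_type, literal, line_no))
    return findings


# Constructed sample input (not taken from any real project).
SAMPLE = '''import os
user = input()
os.system("ping " + user)
# never call eval( on request data
cur.execute("select * from audit_log")
cur.execute("SELECT id FROM users WHERE name = '" + user + "'")
'''

if __name__ == "__main__":
    for f in scan(SAMPLE):
        print(f"line {f.line_no}: {f.vuln_type} (pattern {f.pattern!r})")
```

Line 6 of the sample builds a query from user input but is not reported, while the comment on line 4 is, so findings from this kind of scan are leads for manual review rather than a verdict.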
## Contributions
Contributions to Code Sentinel are welcome! If you would like to contribute, please follow these steps:
1. Fork the repository.
2. Create a new branch for your feature or bug fix.
3. Develop and test your changes.
4. Commit your changes and push them to your fork.
5. Submit a pull request explaining your changes.
Also, if you want to be part of the project and organization, please contact me: `pedro.lima1979@hotmail.com`