mirror of
https://github.com/projectdiscovery/nuclei-templates.git
synced 2026-01-31 15:53:33 +08:00
51 lines
1.0 KiB
YAML
51 lines
1.0 KiB
YAML
id: python-scanner
|
|
|
|
info:
|
|
name: Python Scanner
|
|
author: majidmc2
|
|
severity: info
|
|
description: Scan for dangerous Python functions
|
|
reference:
|
|
- https://www.kevinlondon.com/2015/07/26/dangerous-python-functions.html
|
|
- https://www.kevinlondon.com/2015/08/15/dangerous-python-functions-pt2.html
|
|
tags: python,file,sast
|
|
|
|
|
|
file:
|
|
- extensions:
|
|
- py
|
|
|
|
extractors:
|
|
- type: regex
|
|
name: Possible Code Injection
|
|
regex:
|
|
- 'exec'
|
|
- 'eval'
|
|
- '__import__'
|
|
|
|
|
|
- type: regex
|
|
name: Possible Command Injection
|
|
regex:
|
|
- 'subprocess.call\(.*shell=True.*\)'
|
|
- 'os.system'
|
|
- 'os.popen'
|
|
|
|
|
|
- type: regex
|
|
name: Possibly Unpickling untrusted source
|
|
regex:
|
|
- 'pickle.loads'
|
|
- 'cPickle.loads'
|
|
|
|
|
|
- type: regex
|
|
name: Possibly loading dangerous YAMLs
|
|
regex:
|
|
- 'yaml.load'
|
|
|
|
- type: regex
|
|
name: Possible SQLi
|
|
regex:
|
|
- 'cursor.execute'
|