Python & Security
https://github.com/python-security/pyt
“Pyre from Facebook is an amazing project that has a bright future and many smart people working on it. I would suggest, if you don’t know that much about program analysis, that you understand how PyT works before diving into Pyre. Along with the READMEs in most directories, there are the original Master’s Thesis and some slides.”
https://github.com/facebook/pyre-check
https://pyre-check.org/docs/pysa-basics/ “Pyre has applications beyond type checking Python code: it can also run static analysis, more specifically called Taint Analysis, to identify potential security issues. The Python Static Analyzer feature of Pyre is usually abbreviated to Pysa (pronounced like the Leaning Tower of Pisa).”
“The Pythonista’s Guide to the OWASP Top 10” https://devm.io/python/python-owasp-app-security
Supply chain
- https://pypi.org/project/skjold/
- pip-audit
- safety
Page last modified: 2024-11-19 09:38:33