Difference between revisions of "Project Information:template Python Static Analysis"

From OWASP
Jump to: navigation, search
(New template)
Line 1: Line 1:
 +
----
 +
{| style="width:100%" border="0" align="center"
 +
! colspan="8" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''
 +
|-
 +
| style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
 +
| colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Python Static Analysis Project'''
 +
|-
 +
| style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''
 +
| colspan="7" style="width:85%; background:#cccccc" align="left"|During 2007 Dmitry Kozlov, Igor Konnov and Georgy Klimov prototyped taint-style static analysis for Python web applications. This tool is based on Pixy project. It is able to find input validation security vulnerabilities in Python-based web applications. This tool is currently in alfa release. It supports limited subset of Python: functions, modules, classes and data structures, but not generators, comprehensions, lambda-functions etc. And it has support only mod_python web applications. 
 +
|-
 +
| style="width:15%; background:#7B8ABD" align="center"|'''Key Project Information'''
 +
| style="width:14%; background:#cccccc" align="center"|Project Leader<br>[[User:Gaklimov|'''Georgy Klimov''']]
 +
| style="width:15%; background:#cccccc" align="center"|Project Contributors<br>(if any)
 +
| style="width:10%; background:#cccccc" align="center"|Mailing list<br>[https://lists.owasp.org/mailman/listinfo/owasp-python-static-analysis '''Subscribe here''']<br>[mailto:Owasp-Python-Static-Analysis@lists.owasp.org '''Use here''']
 +
| style="width:17%; background:#cccccc" align="center"|
 +
License<br>[http://creativecommons.org/licenses/by-sa/3.0/ '''Creative Commons Attribution Share Alike 3.0''']
 +
| style="width:14%; background:#cccccc" align="center"|
 +
Project Type<br>[[:Category:OWASP_Project#Beta Status Projects|'''Tool''']]
 +
| style="width:15%; background:#cccccc" align="center"|Sponsor<br>[[OWASP Summer of Code 2008|'''OWASP SoC 08''']]
 +
|}
 +
{| style="width:100%" border="0" align="center"
 +
! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Release Status'''
 +
! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Main Links'''
 +
! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Related Projects'''
 +
|-
 +
| style="width:29%; background:#cccccc" align="center"|
 +
Provisory '''[[:Category:OWASP Project Assessment#Beta Quality Tool Criteria|Beta Quality]]'''<br>[[:Category:OWASP Python Static Analysis Project - Assessment Frame|Please see here for complete information.]]
 +
| style="width:42%; background:#cccccc" align="center"|
 +
[http://code.google.com/p/owasp-python-static-analysis/ Google code SVN]
 +
| style="width:29%; background:#cccccc" align="center"|
 +
[[SpoC 007 - Python Tainted Mode|Python Tainted Mode]]
 +
|}
 +
----
 +
 +
 +
 +
 +
 +
 +
 +
 +
 +
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
 
  ! colspan="7" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
 
  ! colspan="7" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  

Revision as of 09:06, 8 February 2009


PROJECT IDENTIFICATION
Project Name OWASP Python Static Analysis Project
Short Project Description During 2007 Dmitry Kozlov, Igor Konnov and Georgy Klimov prototyped taint-style static analysis for Python web applications. This tool is based on Pixy project. It is able to find input validation security vulnerabilities in Python-based web applications. This tool is currently in alfa release. It supports limited subset of Python: functions, modules, classes and data structures, but not generators, comprehensions, lambda-functions etc. And it has support only mod_python web applications.
Key Project Information Project Leader
Georgy Klimov
Project Contributors
(if any)
Mailing list
Subscribe here
Use here

License
Creative Commons Attribution Share Alike 3.0

Project Type
Tool

Sponsor
OWASP SoC 08
Release Status Main Links Related Projects

Provisory Beta Quality
Please see here for complete information.

Google code SVN

Python Tainted Mode







PROJECT IDENTIFICATION
Project Name OWASP Python Static Analysis Project
Short Project Description During 2007 Dmitry Kozlov, Igor Konnov and Georgy Klimov prototyped taint-style static analysis for Python web applications. This tool is based on Pixy project. It is able to find input validation security vulnerabilities in Python-based web applications. This tool is currently in alfa release. It supports limited subset of Python: functions, modules, classes and data structures, but not generators, comprehensions, lambda-functions etc. And it has support only mod_python web applications.
Email Contacts Project Leader
Georgy Klimov
Project Contributors
(if applicable)
Name&Email
Mailing List/Subscribe
Mailing List/Use
First Reviewer
Nam Nguyen
Curriculum
Second Reviewer
P.Q.Huy
Curriculum
OWASP Board Member
(if applicable)
Name&Email
PROJECT MAIN LINKS
RELATED PROJECTS

Python Tainted Mode

SPONSORS & GUIDELINES
Sponsor - OWASP Summer of Code 2008 Sponsored Project/Guidelines/Roadmap
ASSESSMENT AND REVIEW PROCESS
Review/Reviewer Author's Self Evaluation
(applicable for Alpha Quality & further)
First Reviewer
(applicable for Alpha Quality & further)
Second Reviewer
(applicable for Beta Quality & further)
OWASP Board Member
(applicable just for Release Quality)
50% Review Objectives & Deliveries reached?
Yes
---------
See&Edit:50% Review/Self-Evaluation (A)
Objectives & Deliveries reached?
Yes
---------
See&Edit: 50% Review/1st Reviewer (C)
Objectives & Deliveries reached?
Yes
---------
See&Edit: 50%Review/2nd Reviewer (E)
X
Final Review Objectives & Deliveries reached?
Yes/No (To update)
---------
Which status has been reached?
Season of Code - (To update)
---------
See&Edit: Final Review/SelfEvaluation (B)
Objectives & Deliveries reached?
Yes/No (To update)
---------
Which status has been reached?
Season of Code - (To update)
---------
See&Edit: Final Review/1st Reviewer (D)
Objectives & Deliveries reached?
Yes/No (To update)
---------
Which status has been reached?
Season of Code - (To update)
---------
See&Edit: Final Review/2nd Reviewer (F)
X