Difference between revisions of "Project Information:template Python Static Analysis"

From OWASP
Jump to: navigation, search
(New page: {| style="width:100%" border="0" align="center" ! colspan="7" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION''' |- | style="width:...)
 
 
(9 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 +
----
 
{| style="width:100%" border="0" align="center"
 
{| style="width:100%" border="0" align="center"
  ! colspan="7" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
+
  ! colspan="8" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT IDENTIFICATION'''  
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
 
  | style="width:15%; background:#7B8ABD" align="center"|'''Project Name'''
  | colspan="6" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Python Static Analysis Project'''  
+
  | colspan="7" style="width:85%; background:#cccccc" align="left"|<font color="black">'''OWASP Python Static Analysis Project'''  
 
  |-
 
  |-
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
 
  | style="width:15%; background:#7B8ABD" align="center"| '''Short Project Description'''  
  | colspan="6" style="width:85%; background:#cccccc" align="left"|During 2007 Dmitry Kozlov, Igor Konnov and Georgy Klimov prototyped taint-style static analysis for Python web applications. This tool is based on Pixy project. It is able to find input validation security vulnerabilities in Python-based web applications. This tool is currently in alfa release. It supports limited subset of Python: functions, modules, classes and data structures, but not generators, comprehensions, lambda-functions etc. And it has support only mod_python web applications.   
+
  | colspan="7" style="width:85%; background:#cccccc" align="left"|During 2007 Dmitry Kozlov, Igor Konnov and Georgy Klimov prototyped taint-style static analysis for Python web applications. This tool is based on Pixy project. It is able to find input validation security vulnerabilities in Python-based web applications. This tool is currently in alfa release. It supports limited subset of Python: functions, modules, classes and data structures, but not generators, comprehensions, lambda-functions etc. And it has support only mod_python web applications.   
 
  |-
 
  |-
  | style="width:15%; background:#7B8ABD" align="center"|'''Email Contacts'''
+
  | style="width:15%; background:#7B8ABD" align="center"|'''Key Project Information'''
  | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[mailto:klimovga@gmail.com '''Georgy Klimov''']
+
  | style="width:14%; background:#cccccc" align="center"|Project Leader<br>[[User:Gaklimov|'''Georgy Klimov''']]
  | style="width:14%; background:#cccccc" align="center"|Project Contributors<br>(if applicable)<br>[mailto:to(at)change '''Name&Email''']
+
  | style="width:16%; background:#cccccc" align="center"|Project Contributors<br>[[:User:Ddk|'''Dmitry Kozlov''']]<br>[mailto:igor.konnov(at)gmail.com '''Igor Konnov''']  
  | style="width:14%; background:#cccccc" align="center"|[mailto:Owasp-Python-Static-Analysis@lists.owasp.org '''Project Mailing List''']
+
  | style="width:10%; background:#cccccc" align="center"|Mailing list<br>[https://lists.owasp.org/mailman/listinfo/owasp-python-static-analysis '''Subscribe here''']<br>[mailto:Owasp-Python-Static-Analysis@lists.owasp.org '''Use here''']
| style="width:14%; background:#cccccc" align="center"|First Reviewer<br>[mailto:namn(at)bluemoon.com.vn '''Nam Nguyen''']<br>[[OWASP_Summer_of_Code_2008_Projects_Authors_Status_Target_and_Reviewers_Nguyen_Curriculum|Curriculum]]
+
| style="width:16%; background:#cccccc" align="center"|
  | style="width:14%; background:#cccccc" align="center"|Second Reviewer<br>[mailto:diepvien00thayh(at)gmail.com '''P.Q.Huy''']
+
License<br>[http://www.gnu.org/licenses/old-licenses/gpl-2.0.html '''GNU General Public License v2''']
  | style="width:15%; background:#cccccc" align="center"|OWASP Board Member<br>(if applicable)<br>[mailto:name(at)name '''Name&Email''']
+
  | style="width:14%; background:#cccccc" align="center"|
 +
Project Type<br>[[:Category:OWASP_Project#Alpha Status Projects|'''Tool''']]
 +
  | style="width:15%; background:#cccccc" align="center"|Sponsor<br>[[OWASP Summer of Code 2008|'''OWASP SoC 08''']]
 
  |}
 
  |}
{| style="width:100%" border="0" align="center"
+
{| style="width:100%" border="0" align="center"  
  ! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''PROJECT MAIN LINKS'''  
+
  ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Release Status'''  
|-
+
  ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Main Links'''
| style="width:100%; background:#cccccc" align="center"|
+
  ! align="center" style="background:#7B8ABD; color:white"|<font color="black">'''Related Projects'''  
* (If appropriate, links to be added)
+
|}
+
{| style="width:100%" border="0" align="center"
+
  ! colspan="6" align="center" style="background:#4058A0; color:white"|<font color="white">'''SPONSORS & GUIDELINES'''  
+
|-
+
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008|Sponsor - '''OWASP Summer of Code 2008''']]
+
| style="width:50%; background:#cccccc" align="center"|[[OWASP Summer of Code 2008 Applications - Need Futher Clarifications#XXXXXXXXXXXXXXXXX|'''Sponsored Project/Guidelines/Roadmap''']]
+
|}
+
{| style="width:100%" border="0" align="center"
+
  ! colspan="5" align="center" style="background:#4058A0; color:white"|ASSESSMENT AND REVIEW PROCESS
+
|-
+
| style="width:15%; background:#6C82B5" align="center"|'''Review/Reviewer'''
+
| style="width:21%; background:#b3b3b3" align="center"|'''Author's Self Evaluation'''<br>(applicable for Alpha Quality & further)
+
| style="width:21%; background:#b3b3b3" align="center"|'''First Reviewer'''<br>(applicable for Alpha Quality & further)
+
| style="width:21%; background:#b3b3b3" align="center"|'''Second Reviewer'''<br>(applicable for Beta Quality & further)
+
| style="width:22%; background:#b3b3b3" align="center"|'''OWASP Board Member'''<br>(applicable just for Release Quality)
+
|-
+
| style="width:15%; background:#7B8ABD" align="center"|'''50% Review'''
+
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX - 50 Review - Self Evaluation - A|See&Edit:50% Review/Self-Evaluation (A)]]
+
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX - 50 Review - First Reviewer - C|See&Edit: 50% Review/1st Reviewer (C)]]
+
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX 50 Review Second Review E|See&Edit: 50%Review/2nd Reviewer (E)]]
+
| style="width:22%; background:#C2C2C2" align="center"|X
+
|-
+
| style="width:15%; background:#7B8ABD" align="center"|'''Final Review'''
+
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX - Final Review - Self Evaluation - B|See&Edit: Final Review/SelfEvaluation (B)]]
+
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX - Final Review - First Reviewer - D|See&Edit: Final Review/1st Reviewer (D)]]
+
| style="width:21%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX - Final Review - Second Reviewer - F|See&Edit: Final Review/2nd Reviewer (F)]]
+
| style="width:22%; background:#C2C2C2" align="center"|Objectives & Deliveries reached?<br>'''Yes/No''' (To update)<br>---------<br>Which status has been reached?<br>'''Season of Code''' - (To update)<br>---------<br>[[Project Information:template XXXXXXXXXXXXXXXXX - Final Review - OWASP Board Member - G|See/Edit: Final Review/Board Member (G)]]
+
 
  |-
 
  |-
 +
| style="width:29%; background:#cccccc" align="center"|
 +
Provisory '''[[:Category:OWASP Project Assessment#Alpha Quality Tool Criteria|Alpha Quality]]'''<br>[[:Category:OWASP Python Static Analysis Project - Assessment Frame|Please see here for complete information.]]
 +
| style="width:42%; background:#cccccc" align="center"|
 +
[http://code.google.com/p/owasp-python-static-analysis/ Google code SVN]
 +
| style="width:29%; background:#cccccc" align="center"|
 +
[[SpoC 007 - Python Tainted Mode|OWASP Python Tainted Mode]]
 
  |}
 
  |}
 +
----

Latest revision as of 12:17, 8 February 2009


PROJECT IDENTIFICATION
Project Name OWASP Python Static Analysis Project
Short Project Description During 2007 Dmitry Kozlov, Igor Konnov and Georgy Klimov prototyped taint-style static analysis for Python web applications. This tool is based on Pixy project. It is able to find input validation security vulnerabilities in Python-based web applications. This tool is currently in alfa release. It supports limited subset of Python: functions, modules, classes and data structures, but not generators, comprehensions, lambda-functions etc. And it has support only mod_python web applications.
Key Project Information Project Leader
Georgy Klimov
Project Contributors
Dmitry Kozlov
Igor Konnov
Mailing list
Subscribe here
Use here

License
GNU General Public License v2

Project Type
Tool

Sponsor
OWASP SoC 08
Release Status Main Links Related Projects

Provisory Alpha Quality
Please see here for complete information.

Google code SVN

OWASP Python Tainted Mode