Commit 263f7de

fixes
1 parent 7891f2c commit 263f7de

2 files changed

+13
-7
lines changed

index.md

Lines changed: 5 additions & 4 deletions
@@ -1,12 +1,13 @@
11
# Introduction
22

3-
:::{admonition} Standard Security Testing Isn't Enough for Python.
4-
:class: tip
5-
Gain a deep understanding of the methodologies and specialized tools used to conduct professional-grade security validation for Python applications.
6-
:::
73

4+
:::{admonition} Welcome to **Mastering Security Testing for Python**
5+
:class: tip
86

7+
**Standard security testing isn’t enough for Python.**
98

9+
In this course, you will gain a deep understanding of the methodologies and specialised tools used to conduct professional-grade security validation for Python applications.
10+
:::
1011

1112

1213
Generic security testing often fails to uncover the unique risks inherent in Python environments. While many testers are proficient in broad security principles, few possess the specialised insight into Python’s nuances required for truly effective assessments. **Mastering Security Testing for Python** provides the deep-dive expertise you need to secure modern applications with confidence.
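
Review bot: The rewritten admonition (new lines 4-10) now repeats the unchanged paragraph at new line 13. Both open by saying that standard or generic security testing falls short for Python, and the course name appears in bold in the admonition title and again in that paragraph. Consider keeping the title and the one-sentence course description in the admonition and dropping the bold "**Standard security testing isn’t enough for Python.**" line, or trimming the paragraph below so the page makes the point once. The commit message "fixes" also gives no hint that this is a wording change to the introduction; a short description would help when reading the history.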

module6/injection_attacks.md

Lines changed: 8 additions & 3 deletions
@@ -26,7 +26,10 @@ If a user enters:
2626
__import__("os").system("rm -rf /")
2727
```
2828

29-
When using Python Code Audit with do the command:
29+
There is remote command execution in this code sample!
30+
31+
When using Python Code Audit if this code sample is saved as 'eval_sample.py'. Use the command:
32+
3033
```bash
3134
codeaudit filescan eval_sample.py
3235
```
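
Review bot: New line 31 is a fragment split across two sentences ("When using Python Code Audit if this code sample is saved as 'eval_sample.py'. Use the command:"). Suggest something like "Save this sample as `eval_sample.py` and scan it with Python Code Audit:", with the filename in backticks to match the `codeaudit filescan eval_sample.py` command that follows. On new line 29, placing the remote command execution statement right after the payload is the better position, but it would teach more if it said why: the text introduces the payload with "If a user enters:", so the sentence can state that the entered expression is evaluated and the `__import__("os").system(...)` call therefore runs.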
@@ -35,11 +38,13 @@ You see that the findings are:
3538

3639
![sast-findings-input](/images/input_sample.png)
3740

38-
Both `input` and `eval` are detected; since both can be exploited, identifying them is essential. This ensures that when using **Python Code Audit**, the detection of common injection attacks is fully supported.
41+
42+
Both `input` and `eval` are detected; since both can be exploited, identifying them is essential.
43+
44+
This ensures that when using [**Python Code Audit**](https://nocomplexity.com/codeaudit/), the detection of common injection attacks is fully supported.
3945

4046

4147

42-
You have remote command execution.
4348

4449
### What to Look for in SAST findings
4550
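
Review bot: On new line 44, "the detection of common injection attacks is fully supported" claims more than the example shows; the visible result is that `input` and `eval` are flagged in one sample. Splitting the paragraph also leaves "This ensures that ..." without a clear antecedent. Suggest tying the sentence to the example, for instance "Python Code Audit flags both calls, so this common injection pattern is caught by a file scan." The hunk also adds an empty line at new line 41 and leaves several consecutive blank lines before the "### What to Look for in SAST findings" heading; one blank line is enough.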
