Stop using pycrypto. Use pycryptodome instead
Paul
As we are still seeing a lot of applications depending on the Python Cryptography Toolkit (aka pycrypto) to manage their cryptography, this is a quick reminder to stop using it. The vulnerability…
Browsing Category
Python
18 posts
Interview: Claudiu Popa – Using Pylint for Python Static Analysis
We are excited to be launching a new series of interviews. The idea is to interview developers and security specialists that make the ecosystem a better place. Today, I’m sitting…
Preventing SQL injections in Python (and other vulnerabilities)
Chris Chinchilla
Python is a wonderful language, ideal for beginners, and easy to scale up from starter projects to complex applications for data processing and serving dynamic web pages. But as you…
Behind the Scenes: Building a Dynamic Instrumentation Agent for Python
Boris
TL;DR Building a Python Dynamic Instrumentation Agent is no easy task. At Sqreen we’re building an agent based on dynamic instrumentation in order to detect and block security issues inside…
Pyramid Security: announcing our Pyramid framework support for Python
We are pleased to announce the support of Pyramid in the Sqreen Python agent version 1.0.1. (An annoying last minute regression forced us to release a v1.0.1…) It comes with…
Announcing Node.JS + Python support and a new interface
What is Sqreen? Sqreen is an automated and continuous security solution for developers. It protects web applications with no source code modification or traffic redirection. Once deployed, the solution provides…
Embedding JavaScript into Python
Jb
TL; DR: v8.py PyMiniRacer brings a compiled V8 interpreter and a simple interface to the Python community: Our needs Sqreen needs a stable, performant and embeddable JavaScript solution for Python.…
Freeze your Python with str.encode and threads
While working on the sqreen.com Python agent, I discovered a rather nasty, but fun to analyse bug that lead me deep into Python internals. The nasty bug I was working…