No single book can — or should — cover everything. The same is true of Python security. The landscape of potentially relevant technical and non-technical aspects is vast.
This publication therefore focuses on the essential aspects that matter most for anyone who:
Wants to learn how to develop more secure Python applications, and
Needs the core knowledge required to audit the security of Python code written by others.
- Python Security Handbook
- Introduction
- Fundamentals
- Python Execution Model
- Python bytecode security concerns
- Python Threat Model
- Python Attack Landscape
- Python Software Dependencies and Definitions
- Python Static Application Security Testing (SAST)
- Using python -S for Enhanced Security
- Python in Isolated Mode
- Using AI for Python security
- Limitations of Vulnerability Scanning in Python Software
- SAST vs Vulnerability Scanning:A Comparison
- Python Security Tools
- Dangerous Python Constructs and Libraries
- Assert Statement
- Input Statement
- Built-in Functions eval, exec and compile
- The os.chmod Function
- The socket.bind() Method
- Directory Creation
- Dynamic Import Statements
- Exception Statements
- TarFile Statement
- Insecure Hashing
- FTP Statement
- Marshal Statement
- Mktemp Statement
- Subprocess Statement
- OS System Calls
- Logging Configuration
- Base64 Statements
- HTTP Server Use
- Multiprocessing Module `Connection.recv()`
- Pickle Function
- Random Statement
- Shelve Module
- sys Module:Tracing and Profiling Hooks
- XML Security
- Zipfile Extraction
- Shutil Statement
- Guidelines and Checklists
- Python Security Recipes
- Appendices
- About
