mirror of
https://github.com/FuzzingLabs/fuzzforge_ai.git
synced 2026-02-25 18:33:21 +00:00
Implements Issue #5 - Python SAST workflow that combines:
- Dependency scanning (pip-audit) for CVE detection
- Security linting (Bandit) for vulnerability patterns
- Type checking (Mypy) for type safety issues

## Changes

**New Modules:**
- `DependencyScanner`: Scans Python dependencies for known CVEs using pip-audit
- `BanditAnalyzer`: Analyzes Python code for security issues using Bandit
- `MypyAnalyzer`: Checks Python code for type safety issues using Mypy

**New Workflow:**
- `python_sast`: Temporal workflow that orchestrates all three SAST tools
- Runs tools in parallel for fast feedback (3-5 min vs hours for fuzzing)
- Generates unified SARIF report with findings from all tools
- Supports configurable severity/confidence thresholds

**Updates:**
- Added SAST dependencies to Python worker (bandit, pip-audit, mypy)
- Updated module `__init__.py` files to export new analyzers
- Added `type_errors.py` test file to vulnerable_app for Mypy validation

## Testing

Workflow tested successfully on vulnerable_app:
- ✅ Bandit: Detected 9 security issues (command injection, unsafe functions)
- ✅ Mypy: Detected 5 type errors
- ✅ DependencyScanner: Ran successfully (no CVEs in test dependencies)
- ✅ SARIF export: Generated valid SARIF with 14 total findings
# Vulnerable Test Application

This is a TEST PROJECT designed to trigger security findings in the FuzzForge security assessment workflow.

⚠️ WARNING: This application contains intentional security vulnerabilities for testing purposes only. DO NOT use any of this code in production!
## Vulnerabilities Included

### Hardcoded Secrets
- Database passwords
- API keys (AWS, Stripe, GitHub, etc.)
- JWT secrets
- Private keys (RSA, Bitcoin, Ethereum)
- OAuth tokens

### Code Injection
- `eval()` usage in multiple languages
- `exec()` and `system()` calls
- Dynamic function creation
- Template injection

### SQL Injection
- String concatenation in queries
- String formatting in SQL
- Dynamic query building
- Unparameterized queries (user input placed directly in the SQL text instead of bound as a parameter)

### Command Injection
- Unsanitized user input in system commands
- Shell execution with user data
- Subprocess calls with `shell=True`

### Path Traversal
- Unvalidated file paths
- Directory traversal patterns (`../`)
- Insecure file operations

### Other Vulnerabilities
- XSS vulnerabilities
- Insecure deserialization
- Weak cryptography (MD5, weak random)
- CORS misconfigurations
- Debug mode enabled
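The three injection classes above, each written in the form that should trigger a finding next to the hardened form that should not. This is an added example, not code from the vulnerable_app fixture or from FuzzForge itself; the user table, the temporary directory layout and the `HOST_RE` allow-list are constructed for the demo, and `echo` stands in for a real system command (assumes a POSIX shell on the PATH).

```python
"""
Added example, not code from the vulnerable_app fixture or the FuzzForge project:
the injection patterns listed above, each in the form that should trigger a
finding next to the hardened form that should not. All inputs are constructed
here (an in-memory SQLite table, a temporary directory, `echo` as a stand-in
for a real system command); assumes a POSIX shell with `echo` on the PATH.
"""
import re
import sqlite3
import subprocess
import tempfile
from pathlib import Path


def make_db() -> sqlite3.Connection:
    """Constructed sample data: two users in an in-memory SQLite table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "s3cr3t"), ("bob", "hunter2")])
    return conn


# SQL injection: string formatting vs. bound parameters

def find_user_vulnerable(conn, name):
    # The user's text becomes part of the SQL grammar: "x' OR '1'='1" matches every row.
    query = "SELECT name FROM users WHERE name = '%s'" % name
    return [row[0] for row in conn.execute(query)]


def find_user_safe(conn, name):
    # The driver binds the value; whatever it contains is compared, never parsed as SQL.
    rows = conn.execute("SELECT name FROM users WHERE name = ?", (name,))
    return [row[0] for row in rows]


# Command injection: shell=True with concatenation vs. argv list plus allow-list

HOST_RE = re.compile(r"[A-Za-z0-9.-]{1,253}")  # hypothetical allow-list for host names


def echo_vulnerable(user_input: str) -> str:
    # shell=True hands the whole string to /bin/sh, so "; echo INJECTED" runs as a second command.
    return subprocess.run("echo " + user_input, shell=True,
                          capture_output=True, text=True).stdout


def echo_safe(user_input: str) -> str:
    # Validate against an allow-list, then pass argv as a list: no shell ever parses it.
    if not HOST_RE.fullmatch(user_input):
        raise ValueError("rejected host name: %r" % user_input)
    return subprocess.run(["echo", user_input], capture_output=True,
                          text=True, check=True).stdout


# Path traversal: joining unvalidated input vs. resolving and checking containment

def read_vulnerable(base: Path, user_path: str) -> str:
    # "../" in user_path walks out of base.
    return (base / user_path).read_text()


def read_safe(base: Path, user_path: str) -> str:
    base = base.resolve()
    target = (base / user_path).resolve()
    if target != base and base not in target.parents:
        raise ValueError("path escapes base directory: %s" % user_path)
    return target.read_text()


def demo_traversal() -> dict:
    """Constructed layout: base/public/index.txt is served, base/secret.txt must not be."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        public = root / "public"
        public.mkdir()
        (public / "index.txt").write_text("hello")
        (root / "secret.txt").write_text("TOP SECRET")
        leaked = read_vulnerable(public, "../secret.txt")
        try:
            read_safe(public, "../secret.txt")
            blocked = False
        except ValueError:
            blocked = True
        return {"leaked": leaked, "blocked": blocked,
                "served": read_safe(public, "index.txt")}


if __name__ == "__main__":
    conn = make_db()
    payload = "x' OR '1'='1"
    print("vulnerable:", find_user_vulnerable(conn, payload))  # both users
    print("safe:      ", find_user_safe(conn, payload))        # []
    print(echo_vulnerable("host; echo INJECTED"))
    print(demo_traversal())
```

The hardened forms are what a scanner run against this fixture should leave quiet: bound parameters, an argv list without `shell=True`, and a containment check after `resolve()` rather than a substring check for `..`.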
## Files Overview

- `src/` - Source code with various vulnerabilities
  - `database.py` - Python with SQL injection and hardcoded secrets
  - `api_handler.py` - Python with eval and command injection
  - `utils.rb` - Ruby vulnerabilities
  - `Main.java` - Java security issues
  - `app.go` - Go vulnerabilities
- `scripts/` - Script files
  - `deploy.php` - PHP vulnerabilities
  - `backup.js` - JavaScript security issues
- `config/` - Configuration files
  - `settings.py` - Hardcoded credentials
  - `database.yaml` - Database passwords
- `.env` - Environment file with secrets
- `private_key.pem` - Private key file
- `wallet.json` - Cryptocurrency wallets
- `.github/workflows/` - CI/CD with hardcoded secrets
## Expected Findings

When running the security assessment workflow, you should see:
- Multiple hardcoded secrets detected
- SQL injection vulnerabilities
- Command injection risks
- Dangerous function usage
- Sensitive file discoveries
## Testing

To test with FuzzForge:

```bash
curl -X POST "http://localhost:8000/workflows/security_assessment/submit" \
  -H "Content-Type: application/json" \
  -d '{
    "target_path": "/path/to/test_projects/vulnerable_app",
    "parameters": {
      "scanner_config": {"check_sensitive": true},
      "analyzer_config": {"check_secrets": true, "check_sql": true}
    }
  }'
```
## Note
This is purely for testing security scanning capabilities. All credentials and keys are fake/example values.