Injecting Security at Runtime
GIF showing the code difference, hence easy migration
GIF showing the defence against SQLi
So what's the fuss about? In a nutshell, it's about patching the security loopholes inside broken web application frameworks at runtime. Here we patch a vulnerable Tornado application at runtime.
Installation
These instructions will get you a copy of the project up and running on your local machine for development and testing purposes.
pip install -r requirements.txt
Usage
python server.py  # to start a local instance of the patched server
To add patches, change the patch_final module. Be careful, you might break something ;)
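The kind of runtime patch described above, as an added example that is not this project's patch_final code: it swaps a SQL-injectable method for a parameterized one on a live class without editing the original source. The LegacyStore class, find_user, apply_patch and the sample rows are constructed for illustration, and sqlite3 stands in for the Tornado application's data layer.

```python
import sqlite3


class LegacyStore:
    """Constructed stand-in for a vulnerable handler's data layer."""

    def __init__(self):
        self.db = sqlite3.connect(":memory:")
        self.db.execute("CREATE TABLE users (name TEXT, secret TEXT)")
        self.db.executemany("INSERT INTO users VALUES (?, ?)",
                            [("alice", "a-secret"), ("bob", "b-secret")])

    def find_user(self, name):
        # Vulnerable on purpose: user input is concatenated into the SQL text.
        sql = "SELECT name, secret FROM users WHERE name = '" + name + "'"
        return self.db.execute(sql).fetchall()


def safe_find_user(self, name):
    # Replacement body: same query, but the input is bound as a parameter,
    # so quotes in `name` are data and never change the statement.
    return self.db.execute(
        "SELECT name, secret FROM users WHERE name = ?", (name,)).fetchall()


def apply_patch(cls, method_name, replacement):
    """Swap cls.method_name at runtime and return a callable that undoes it.

    getattr raises AttributeError if the target was renamed upstream, so a
    stale patch fails loudly at startup instead of silently protecting nothing.
    """
    original = getattr(cls, method_name)
    setattr(cls, method_name, replacement)
    return lambda: setattr(cls, method_name, original)


def demo():
    store = LegacyStore()             # instance created before the patch
    probe = "x' OR '1'='1"            # constructed tautology input
    before = store.find_user(probe)   # unpatched: condition is always true
    undo = apply_patch(LegacyStore, "find_user", safe_find_user)
    after = store.find_user(probe)    # existing instance picks up the patch
    legit = store.find_user("alice")  # normal lookups keep working
    undo()
    restored = store.find_user(probe)  # original behaviour is back
    return before, after, legit, restored


if __name__ == "__main__":
    for label, rows in zip(("before", "after", "legit", "restored"), demo()):
        print(label, rows)
```

Because the method is replaced on the class, instances that already exist are covered too; code that saved its own reference to the original function before the patch ran is not.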
Contributing
- Fork it!
- Create your feature branch:
git checkout -b my-new-feature
- Commit your changes:
git commit -am 'Add some feature'
- Push to the branch:
git push origin my-new-feature
- Submit a pull request :D
License
This project is licensed under the MIT License
TODO
- Notes to deploy to production environment