aura
aura copied to clipboard
SourceCode-AI
Python source code auditing and static analysis on a large scale
@RootLUG @mirzazulfan I need to embed AURA with my project. I want to run aura through my project without installing it. For that I need to know which is the...
Hi @RootLUG , I am invoking Aura through __Java ProcessBuilder__ as **30 processes** with same zips as input. While doing this it is taking more time for analysis. If the...
I'm wondering if the current implementation of the project supports value-level taint analysis. It seems that the propagation of tainted values is only done through the TaintLog object. Based on...
Hi @RootLUG , I need few clarifications on below mentioned questions: - In your document, you're entered like **Aura can analyse both the binary and python files**. If I'm giving...
``` (aura) blue@BluedeMacBook-Pro ~/Downloads/aura-dev aura scan /Users/blue/Documents/Malicious/dataset/pypi_unzip/raw-tool/2.0.1/raw_tool-2.0.1/setup.py Traceback (most recent call last): File "/Users/blue/opt/anaconda3/envs/aura/bin/aura", line 5, in from aura.cli import main File "/Users/blue/opt/anaconda3/envs/aura/lib/python3.10/site-packages/aura/cli.py", line 16, in from ....
@RootLUG How to get the **tainted sink** for a vulnerability in output from the **signatures.yaml** file? For Example, if **subprocess.call()** is a tainted sink as configured in the signatures file,...
from reproducible builds: { "operation": "M", "diff": null, "similarity": 0.0, "a_ref": "click-8.1.3-py3-none-any.whl$click/py.typed", "a_md5": "d41d8cd98f00b204e9800998ecf8427e", "a_mime": "inode/x-empty", "a_size": 0, "b_ref": "click-8.1.3-py3-none-any.whl$click/py.typed", "b_md5": "d41d8cd98f00b204e9800998ecf8427e", "b_mime": "inode/x-empty", "b_size": 0 }, empty file is...
Metadata
Owner
Metadata
Python source code auditing and static analysis on a large scale