# Intro
Tool for discovering sensitive objects in code.
# Install
```
pip3 install semgrep-discovery
```
# Run
```
semgrep-discovery --wd ./django-realworld-example-app/ --langs python --objects dto --keywords email,password --outfile ./result.json --format json
Starting scan....
workdir: /home/kali/django-realworld-example-app
langs: ['python']
objects: ['dtos']
keywords: ['email', 'password']
ruledir: /home/kali/.local/lib/python3.11/site-packages/semgrep_discovery/rules
Add rule /home/kali/.local/lib/python3.11/site-packages/semgrep_discovery/rules/python/dto.yaml for scan
Run scan /home/kali/django-realworld-example-app with rule /home/kali/.local/lib/python3.11/site-packages/semgrep_discovery/rules/python/dtos.yaml
[ lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object ]
Article
fields: ['slug', 'title', 'description', 'body', 'author', 'tags']
path: conduit/apps/articles/models.py:6
Comment
fields: ['body', 'article', 'author']
path: conduit/apps/articles/models.py:30
Tag
fields: ['tag', 'slug']
path: conduit/apps/articles/models.py:42
User
fields: ['username', 'email', 'is_active', 'is_staff']
path: conduit/apps/authentication/models.py:56
sensitive!!!
TimestampedModel
fields: ['created_at', 'updated_at']
path: conduit/apps/core/models.py:4
Profile
fields: ['user', 'bio', 'image', 'follows', 'favorites']
path: conduit/apps/profiles/models.py:6
Got 6 objects
6 written to result.json
```
Result:
```
{"path": "conduit/apps/articles/models.py", "line": 6, "object_type": "lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object", "object": "Article", "fields": ["slug", "title", "description", "body", "author", "tags"], "sensitive": false}
{"path": "conduit/apps/articles/models.py", "line": 30, "object_type": "lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object", "object": "Comment", "fields": ["body", "article", "author"], "sensitive": false}
{"path": "conduit/apps/articles/models.py", "line": 42, "object_type": "lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object", "object": "Tag", "fields": ["tag", "slug"], "sensitive": false}
{"path": "conduit/apps/authentication/models.py", "line": 56, "object_type": "lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object", "object": "User", "fields": ["username", "email", "is_active", "is_staff"], "sensitive": true}
{"path": "conduit/apps/core/models.py", "line": 4, "object_type": "lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object", "object": "TimestampedModel", "fields": ["created_at", "updated_at"], "sensitive": false}
{"path": "conduit/apps/profiles/models.py", "line": 6, "object_type": "lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object", "object": "Profile", "fields": ["user", "bio", "image", "follows", "favorites"], "sensitive": false}
```
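One way to consume `result.json` in a CI step, as an added example that is not part of the semgrep-discovery project. The function names, the allowlist idea and the sample records are constructed here, and the case-insensitive substring match against `--keywords` is an assumption, since the page does not document the scanner's own matching rule.

```python
import json

# Constructed sample in the JSON Lines shape shown under "Result:"
# (object_type shortened for readability).
SAMPLE = """\
{"path": "conduit/apps/articles/models.py", "line": 42, "object_type": "django-data-object", "object": "Tag", "fields": ["tag", "slug"], "sensitive": false}
{"path": "conduit/apps/authentication/models.py", "line": 56, "object_type": "django-data-object", "object": "User", "fields": ["username", "email", "is_active", "is_staff"], "sensitive": true}
"""

REQUIRED = {"path", "line", "object", "fields", "sensitive"}

def load_records(text):
    """Parse JSON Lines output; skip blank lines, reject incomplete records."""
    records = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        if not raw.strip():
            continue
        rec = json.loads(raw)
        missing = REQUIRED - set(rec)
        if missing:
            raise ValueError(f"line {lineno}: missing keys {sorted(missing)}")
        records.append(rec)
    return records

def sensitive_findings(records, keywords):
    """Return sorted (location, object, matched_fields) for flagged records.
    Assumption: a field matches when it contains a keyword, ignoring case."""
    kws = [k.lower() for k in keywords]
    findings = []
    for rec in records:
        if rec["sensitive"] is not True:
            continue
        hits = [f for f in rec["fields"] if any(k in f.lower() for k in kws)]
        findings.append((f'{rec["path"]}:{rec["line"]}', rec["object"], hits))
    return sorted(findings)

def gate(findings, allowlist=()):
    """CI exit status: 1 if any flagged object is not on the reviewed allowlist."""
    return 1 if any(obj not in allowlist for _, obj, _ in findings) else 0

if __name__ == "__main__":
    found = sensitive_findings(load_records(SAMPLE), ["email", "password"])
    for loc, obj, hits in found:
        print(f"{loc}  {obj}  matched={hits}")
    raise SystemExit(gate(found))
```

Passing the names of already reviewed models as `allowlist` lets the job fail only when a newly flagged object appears.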
Raw data
{
"_id": null,
"home_page": "",
"name": "semgrep-discovery",
"maintainer": "",
"docs_url": null,
"requires_python": ">=3.11,<4.0",
"maintainer_email": "",
"keywords": "security,assets,discovery,scanning,appsec",
"author": "Dmitry Marushkin",
"author_email": "dmarushkin@gmail.com",
"download_url": "https://files.pythonhosted.org/packages/3c/69/9163c8358d956bbce60fdbc41f316c5586454597a315787e3c19e1c230c9/semgrep_discovery-0.4.5.tar.gz",
"platform": null,
"description": "# Intro\n\nTool for discovery sensitive objects in code\n\n\n# Install\n\npip3 install semgrep-discovery\n\n\n# Run\n\n```\nsemgrep-discovery --wd ./django-realworld-example-app/ --langs python --objects dto --keywords email,password --outfile ./result.json --format json\nStarting scan....\n workdir: /home/kali/django-realworld-example-app\n langs: ['python']\n objects: ['dtos']\n keywords: ['email', 'password']\n ruledir: /home/kali/.local/lib/python3.11/site-packages/semgrep_discovery/rules\nAdd rule /home/kali/.local/lib/python3.11/site-packages/semgrep_discovery/rules/python/dto.yaml for scan\nRun scan /home/kali/django-realworld-example-app with rule /home/kali/.local/lib/python3.11/site-packages/semgrep_discovery/rules/python/dtos.yaml\n [ lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object ]\n Article\n fields: ['slug', 'title', 'description', 'body', 'author', 'tags']\n path: conduit/apps/articles/models.py:6\n Comment\n fields: ['body', 'article', 'author']\n path: conduit/apps/articles/models.py:30\n Tag\n fields: ['tag', 'slug']\n path: conduit/apps/articles/models.py:42\n User\n fields: ['username', 'email', 'is_active', 'is_staff']\n path: conduit/apps/authentication/models.py:56\n sensitive!!!\n TimestampedModel\n fields: ['created_at', 'updated_at']\n path: conduit/apps/core/models.py:4\n Profile\n fields: ['user', 'bio', 'image', 'follows', 'favorites']\n path: conduit/apps/profiles/models.py:6\nGot 6 objects\n6 written to result.json\n\n```\n\nResult:\n\n```\n{\"path\": \"conduit/apps/articles/models.py\", \"line\": 6, \"object_type\": \"lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object\", \"object\": \"Article\", \"fields\": [\"slug\", \"title\", \"description\", \"body\", \"author\", \"tags\"], \"sensitive\": false}\n{\"path\": \"conduit/apps/articles/models.py\", \"line\": 30, \"object_type\": 
\"lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object\", \"object\": \"Comment\", \"fields\": [\"body\", \"article\", \"author\"], \"sensitive\": false}\n{\"path\": \"conduit/apps/articles/models.py\", \"line\": 42, \"object_type\": \"lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object\", \"object\": \"Tag\", \"fields\": [\"tag\", \"slug\"], \"sensitive\": false}\n{\"path\": \"conduit/apps/authentication/models.py\", \"line\": 56, \"object_type\": \"lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object\", \"object\": \"User\", \"fields\": [\"username\", \"email\", \"is_active\", \"is_staff\"], \"sensitive\": true}\n{\"path\": \"conduit/apps/core/models.py\", \"line\": 4, \"object_type\": \"lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object\", \"object\": \"TimestampedModel\", \"fields\": [\"created_at\", \"updated_at\"], \"sensitive\": false}\n{\"path\": \"conduit/apps/profiles/models.py\", \"line\": 6, \"object_type\": \"lib.python3.11.site-packages.semgrep_discovery.rules.python.django-data-object\", \"object\": \"Profile\", \"fields\": [\"user\", \"bio\", \"image\", \"follows\", \"favorites\"], \"sensitive\": false}\n\n```\n\n\n\n\n\n\n\n\n",
"bugtrack_url": null,
"license": "MIT",
"summary": "Discovery of sensitive security objects in project code",
"version": "0.4.5",
"project_urls": {
"Bug Tracker": "https://github.com/dmarushkin/semgrep-discovery/issues",
"Homepage": "https://github.com/dmarushkin/semgrep-discovery"
},
"split_keywords": [
"security",
"assets",
"discovery",
"scanning",
"appsec"
],
"urls": [
{
"comment_text": "",
"digests": {
"blake2b_256": "4df30da15a8b741d7583545adc9c73e23a62870742c61b0cb289d6a56c62d147",
"md5": "d684dd8f5ae415b27566f91bd4aba9c7",
"sha256": "7f7c26ff540791589dd07e296bd922dfc9e014f7cb4ce3421656f9be3dead029"
},
"downloads": -1,
"filename": "semgrep_discovery-0.4.5-py3-none-any.whl",
"has_sig": false,
"md5_digest": "d684dd8f5ae415b27566f91bd4aba9c7",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.11,<4.0",
"size": 7365,
"upload_time": "2024-02-04T21:45:03",
"upload_time_iso_8601": "2024-02-04T21:45:03.705582Z",
"url": "https://files.pythonhosted.org/packages/4d/f3/0da15a8b741d7583545adc9c73e23a62870742c61b0cb289d6a56c62d147/semgrep_discovery-0.4.5-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": "",
"digests": {
"blake2b_256": "3c699163c8358d956bbce60fdbc41f316c5586454597a315787e3c19e1c230c9",
"md5": "fdfaee2ed4a4f4b8816a37c4c4c77f1b",
"sha256": "d7965a3975f86840ca1ff510eebcd2d6e8c79ed48cd0e11049f1c1c1042e2c7f"
},
"downloads": -1,
"filename": "semgrep_discovery-0.4.5.tar.gz",
"has_sig": false,
"md5_digest": "fdfaee2ed4a4f4b8816a37c4c4c77f1b",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.11,<4.0",
"size": 5940,
"upload_time": "2024-02-04T21:45:05",
"upload_time_iso_8601": "2024-02-04T21:45:05.148131Z",
"url": "https://files.pythonhosted.org/packages/3c/69/9163c8358d956bbce60fdbc41f316c5586454597a315787e3c19e1c230c9/semgrep_discovery-0.4.5.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2024-02-04 21:45:05",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "dmarushkin",
"github_project": "semgrep-discovery",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "semgrep-discovery"
}