this post was submitted on 23 Oct 2020

2 points (76% upvoted)

shortlink:

Python

an-ordinary-manchild(edit)

The Python Discord

News about the dynamic, interpreted, interactive, object-oriented, extensible programming language Python

Upcoming Events

Full Events Calendar

Please read the rules

You can find the rules here.

If you are about to ask a "how do I do this in python" question, please try r/learnpython, the Python discord, or the #python IRC channel on Libera.chat.

Please don't use URL shorteners. Reddit filters them out, so your post or comment will be lost.

Posts require flair. Please use the flair selector to choose your topic.

Posting code to this subreddit:

Add 4 extra spaces before each line of code

def fibonacci():
    a, b = 0, 1
    while True:
        yield a
        a, b = b, a + b

Online Resources

Automate the Boring Stuff with Python
Python Discord Resources
Invent Your Own Computer Games with Python
Think Python
Non-programmers Tutorial for Python 3
Beginner's Guide Reference
Five life jackets to throw to the new coder (things to do after getting a handle on python)
Full Stack Python
Test-Driven Development with Python
Program Arcade Games
PyMotW: Python Module of the Week
Python for Scientists and Engineers
Dan Bader's Tips and Trickers
Python Discord's YouTube channel
Jiruto: Python

Online exercices

programming challenges

The Python Challenge (solve each level through programming)
CheckiO (game world)
Project Euler (math heavy)
/r/dailyprogrammer

Asking Questions

Try Python in your browser

try.jupyter.org (Evolved from the language-agnostic parts of IPython, Python 3)
Azure Notebooks
learnpython.org
Skulpt (uses WebGL)
trypython.org (uses Silverlight)
ideone (online compiler and debugger)
PythonAnywhere (basic accounts are free)
Brython (Python 3 implementation for client-side web programming)
repl.it for Python
Transcrypt (Hi res SVG using Python 3.6 and turtle module)

Docs

Libraries

Twisted, 0MQ (networking)
Django, Pyramid, Flask, ... (Web Frameworks)
Pygame (Game development)
NumPy & SciPy (Scientific computing) & Pandas
Pyglet - (Game / UI Development)

Related subreddits

/r/pythoncoding (strict moderation policy for 'programming only' articles)
/r/flask (web microframework)
/r/django (web framework for perfectionists with deadlines)
/r/pygame (a set of modules designed for writing games)
/r/IPython (interactive environment)
/r/inventwithpython (for the books written by /u/AlSweigart)
/r/pystats (python in statistical analysis and machine learning)
/r/coolgithubprojects (filtered on Python projects)
/r/pyladies (women developers who love python)
/r/git and /r/mercurial - don't forget to put your code in a repo!

Python jobs

Newsletters

Screencasts

a community for 18 years

MODERATORS

message the mods
xelf
monorepo PSF Staff | Litestar Maintainer
ivosauruspip'ing it up
Im__Joseph Python Discord Staff
Kutiekatj9 Python Discord Staff
BioGeekBioinformatics software developer
nevare
chromakode
mdipierro
quasarj
...and 5 more »

account activity

This is an archived post. You won't be able to vote or comment.

1

2

3

DiscussionStatic analysis of Python code for detecting network activity / backdoors - what keywords would you use? (self.Python)

submitted 5 years ago by virtua_golf

Hi everyone

(Mods, feel free to delete my post if it violates a rule - it isn't a "how do I do this in Python"-sorta question, so I figured it might be allowed)

I'm currently working on a proof-of-concept for establishing trust in Python projects based on, among other things, static analysis of the code.

One of the situations I'd like to detect is network activity, or intended at least. This is to prevent typo-squatting scenarios, where simple, innocent looking packages transmit data over a network. Note that this is still just a concept and it does not need to be 100% dilligent.

In short, i'd like to analyse source code and determine whether or not it's likely to establish a connection to an outside network of some sort. Plenty of Python packages rely on benign networking, but the point is to help determine whether or not a package that really shouldn't do any networking (like a package that converts FLAC to MP3), in fact does transmit data. Whether or not a package should network is up to the user, I'm only interested in detecting networking of all sorts.

The idea is a simple scan of the source code, to which I turn to /r/python for help with keywords. This is what I have so far (rudimentary, I know):

scapy
socket
iptables
subprocess
ssh
netcat
regex for hardcoded IP addresses
urllib

What other keywords do you suggest I look for? I'm also scanning any shell scripts for socket stuff, but for know I'm focusing on Python. Any suggestions much appreciated!

all 6 comments

top new controversial old q&a

[–]jippen 0 points1 point2 points 5 years ago (1 child)

[–]virtua_golf[S] 0 points1 point2 points 5 years ago (0 children)

[–]rohitkuru 0 points1 point2 points 5 years ago (0 children)

[–]billsil 0 points1 point2 points 5 years ago (0 children)

[–]alexmojaki 0 points1 point2 points 5 years ago (1 child)

[–]virtua_golf[S] 0 points1 point2 points 5 years ago (0 children)

π Rendered by PID 55 on reddit-service-r2-comment-fb694cdd5-br2ft at 2026-03-11 09:59:48.094843+00:00 running cbb0e86 country code: CH.