Releases: avilum/secimport
Releases · avilum/secimport
0.7.2
0.7.1
0.7.0
- Added Stop and Kill options
- Added FastAPI example inside docker
- Improved the CLI
- Improved the README and overall documentation
- Removed unused code / POC leftovers
The new usage I encourage is a follows:
pip install secimport==0.7.0
# Interactive quickstart
secimport interactiveFastAPI example
#!/bin/bash
echo "FastAPI Example"
echo "Tracing the main application, hit CTRL+C/CTRL+D when you are done."
/workspace/Python-3.10.0/python -m secimport.cli trace --entrypoint fastapi_main.py
/workspace/Python-3.10.0/python -m secimport.cli build
/workspace/Python-3.10.0/python -m secimport.cli run --entrypoint fastapi_main.pyUsage:
SecImport - A toolkit for Tracing and Securing Python Runtime using USDT probes and eBPF/DTrace: https://github.com/avilum/secimport/wiki/Command-Line-Usage
QUICK START:
>>> secimport interactive
EXAMPLES:
1. trace:
$ secimport trace
$ secimport trace -h
$ secimport trace_pid 123
$ secimport trace_pid -h
2. build:
# secimport build
$ secimport build -h
3. run:
$ secimport run
$ secimport run --entrypoint my_custom_main.py
$ secimport run --entrypoint my_custom_main.py --stop_on_violation=true
$ secimport run --entrypoint my_custom_main.py --kill_on_violation=true
$ secimport run --sandbox_executable /path/to/my_sandbox.bt --pid 2884
$ secimport run --sandbox_executable /path/to/my_sandbox.bt --sandbox_logfile my_log.log
$ secimport run -h0.5.0
0.4.3
0.4.2
0.4.1
0.4.0
Version 0.4.0 adds the ability to generate profile from a YAML template.
For a full usage documentation, visit https://github.com/avilum/secimport/blob/master/docs/YAML_PROFILES.md
0.3.0
0.2.0
Added optional dtrace flag for destructive mode.
When set to False (default is True), the process will be killed but only logged.
destructive (bool, optional): Whether to kill the process with -9 sigkill upon violation of any of the configurations above. Defaults to True