A Shadow Daemon connector for Python applications
Branch: master
Clone or download
Permalink
Type Name Latest commit message Commit time
Failed to load latest commit information.
misc/examples Added Flask defaults to the example config. May 5, 2015
shadowd Updated header. Jan 2, 2016
.gitignore Changed some little details for Pypi submission. Jan 14, 2015
.travis.yml Added unit tests and fixed bug in split path. Dec 23, 2015
LICENSE Added readme, license and example config and finished the connector. Jan 14, 2015
MANIFEST
README.rst Updated the readme. Jan 9, 2016
requirements.txt Added unit test for werkzeug. Dec 27, 2015
setup.py Updated header. Jan 2, 2016

README.rst

http://shadowd.zecure.org/img/logo_small.png

Shadow Daemon is a collection of tools to detect, record and prevent attacks on web applications. Technically speaking, Shadow Daemon is a web application firewall that intercepts requests and filters out malicious parameters. It is a modular system that separates web application, analysis and interface to increase security, flexibility and expandability.

This component can be used to connect Python applications with the background server.

Documentation

For the full documentation please refer to shadowd.zecure.org.

Installation

You can install the package with easy_install or pip:

easy_install shadowd
pip install shadowd

It is also possible to clone this repository and install the package manually:

python setup.py install

You also have to create a configuration file. You can copy misc/examples/connectors.ini to /etc/shadowd/connectors.ini. The example configuration is annotated and should be self-explanatory.

CGI

To protect CGI applications you simply have to load the module:

import shadowd.cgi_connector

Django

Django applications require a small modification. It is necessary to create a hook to intercept requests. To do this create the file middleware/shadowdconnector.py in the application directory:

from shadowd.django_connector import InputDjango, OutputDjango, Connector

class ShadowdConnectorMiddleware(object):
    def process_request(self, request):
        input = InputDjango(request)
        output = OutputDjango()

        status = Connector().start(input, output)
        if not status == True:
            return status

There also has to be an empty __init__.py file in the middleware directory. Next you have to register the middleware in the settings.py file of your application:

MIDDLEWARE_CLASSES = (
    'middleware.shadowdconnector.ShadowdConnectorMiddleware',
    # ...
)

The connector should be at the beginning of the MIDDLEWARE_CLASSES list.

Flask

Flask applications require a small modification as well. It is necessary to create a hook to intercept requests:

from shadowd.flask_connector import InputFlask, OutputFlask, Connector

@app.before_request
def before_req():
    input = InputFlask(request)
    output = OutputFlask()

    Connector().start(input, output)