CI-native network egress auditing via strace

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Azakira from gravatar.com Azakira

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache License)
  • Author: CyberSecAuto-Labs
  • Tags auditing , ci , network , security , strace
  • Requires: Python >=3.11
  • Provides-Extra: dev , docs
Classifiers
Report project as malware

Project description

netaudit

CI PyPI Python License: Apache 2.0

CI-native network egress auditing via strace. Wrap any process or test suite, declare what connections are allowed, get pass/fail — no raw strace noise.

Install

pip install netaudit

Requires strace (Linux only):

sudo apt-get install strace   # Debian/Ubuntu
sudo dnf install strace       # RHEL/Fedora

Quick start

  1. Create netaudit.yaml in your project root:
version: 1
allowlist:
  - comment: "Internal API"
    family: AF_INET
    addr: 10.0.0.1
    port: 8080
  1. Run:
# Trace pytest (or any command) and fail on unexpected connections
netaudit run -- pytest

# Offline analysis of an existing strace log
netaudit analyze /tmp/trace.log

# Machine-readable output for CI artifacts
netaudit run --format json -- make test

Exit codes: 0 clean · 1 violations · 2 strace not found

Documentation

Full docs at netaudit.readthedocs.io:

How it works

netaudit run spawns your command under strace -e trace=connect -f -tt, parses every connect() syscall, and checks each against your allowlist. Built-in rules automatically permit loopback, Unix sockets, and AF_NETLINK — you only need to list external destinations.

Development

python3.11 -m venv .venv
.venv/bin/pip install -e ".[dev]"
.venv/bin/pytest

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for Azakira from gravatar.com Azakira

Unverified details

These details have not been verified by PyPI
Project links
Meta
  • License: Apache Software License (Apache License)
  • Author: CyberSecAuto-Labs
  • Tags auditing , ci , network , security , strace
  • Requires: Python >=3.11
  • Provides-Extra: dev , docs
Classifiers

Release history Release notifications | RSS feed

0.4.0

0.3.0

0.2.0

This version

0.1.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

netaudit-0.1.0.tar.gz (28.2 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

netaudit-0.1.0-py3-none-any.whl (17.8 kB view details)

Uploaded Python 3

File details

Details for the file netaudit-0.1.0.tar.gz.

File metadata

  • Download URL: netaudit-0.1.0.tar.gz
  • Upload date:
  • Size: 28.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.15

File hashes

Hashes for netaudit-0.1.0.tar.gz
Algorithm Hash digest
SHA256 d234320b5b4eeeb339c4abf07692a6381ac42ff9f3b8b1ecf56658f2af5e85cb
MD5 63d369ee810d4da8561a46d70b1ad63e
BLAKE2b-256 e14b1f901d9491f46a93b7053ca8d837e2e19d69cc1d765bd84b405b9b4c5f4e

See more details on using hashes here.

File details

Details for the file netaudit-0.1.0-py3-none-any.whl.

File metadata

  • Download URL: netaudit-0.1.0-py3-none-any.whl
  • Upload date:
  • Size: 17.8 kB
  • Tags: Python 3
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.15

File hashes

Hashes for netaudit-0.1.0-py3-none-any.whl
Algorithm Hash digest
SHA256 47aa5959d4efb38525afa5aa681f675eaf1073ea55b5160dc0ccd13930713de2
MD5 fe733025992acc0bd8b85734b06119f3
BLAKE2b-256 7eefb8875eb7a2217ff943bbe39dc9b5c9693cf9a86203c35cfb0fba8209c357

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page