2. Run

Classes

Framework	rasp_class	Note
Flask	FaskRASP
FastAPI	FastApiRASP	IMPORTANT Requires starlette >= 0.28.0
Django	DjangoRASP
AWS Lambda	LambdaRASP	See Addendum
Google Cloud Functions	GcpRASP	See Addendum
Azure Functions	AzureRASP	See Addendum

Flask & FastAPI

Guidelines

pyrasp requires 2 lines of code to run.

from pyrasp.pyrasp import <rasp_class>

Local Agent

<rasp_class>(<framework_instance>, conf = <configuration_file>)

Cloud Agent

See Cloud Operations section for details

<rasp_class>(<framework_instance>, cloud_url = <configuration_url>, key = <agent_key>)

Examples

from pyrasp.pyrasp import FlaskRASP

app = Flask(__name__)
FlaskRASP(app, conf = 'rasp.json')

from pyrasp.pyrasp import FastApiRASP
app = FastAPI()
rasp = FastApiRASP(app, cloud_url = 'https://pyrasp.my.org/config', key = '000000-1111-2222-3333-44444444')

Django

Guidelines

The pyrasp class must be added to the MIDDLEWARE variable in the settings.py file of the Django application. A PYRASP_CONF variable must be added to the same file. It contains the path of the configuration file.

For cloud deployment PYRASP_CLOUD_URL and PYRASP_KEY variables must be set. (See Cloud Operations section for details)

Examples

PYRASP_CONF = 'rasp.json'

MIDDLEWARE = [
    'pyrasp.pyrasp.DjangoRASP',
    ...
]

PYRASP_CLOUD_URL = 'https://pyrasp.my.org/config'
PYRASP_KEY = '000000-1111-2222-3333-44444444'

MIDDLEWARE = [
    'pyrasp.pyrasp.DjangoRASP',
    ...
]

AWS Lambda

Guidelines

The pyrasp module must be imported from pyrasp.pyrasp import LambdaRASP.

A decorator must be added on top of the lambda function handler.

Local Agent

@LambdaRASP(conf = <configuration_file>)

A configuration file must be added to the function files.

Cloud Agent

See Cloud Operations section for details

@LambdaRASP(cloud_url = <configuration_url>, key = <agent_key>)

Examples

@LambdaRASP(conf = 'rasp.json').register
def lambda_handler(event, context):
...

@LambdaRASP(cloud_url = 'https://pyrasp.my.org/config', key = '000000-1111-2222-3333-44444444').register
def lambda_handler(event, context):
...

Google Cloud Functions

Guidelines

The pyrasp module must be imported from pyrasp.pyrasp import GcpRASP.

A decorator must be added on top of the Google function handler.

Local Agent

@GcpRASP(conf = <configuration_file>).register

A configuration file must be added to the function files.

Cloud Agent

See Cloud Operations section for details

@GcpRASP(cloud_url = <configuration_url>, key = <agent_key>).register

Examples

@GcpRASP(conf = 'rasp.json').register
def hello_http(event, context):
...

@GcpRASP(cloud_url = 'https://pyrasp.my.org/config', key = '000000-1111-2222-3333-44444444').register
def hello_http(event, context):
...

Azure Functions

Guidelines

The pyrasp module must be imported from pyrasp.pyrasp import AzureRASP.

A decorator must be added after the @app.route() decorator.

Local Agent

@AzureRASP(conf = <configuration_file>).register

A configuration file must be added to the function files.

Cloud Agent

See Cloud Operations section for details

@AzureRASP(cloud_url = <configuration_url>, key = <agent_key>).register

Examples

app = func.FunctionApp(http_auth_level=func.AuthLevel.ANONYMOUS)

@app.route(route="helloworld")
@AzureRASP(conf = 'rasp.json').register
def helloworld(req):
...

app = func.FunctionApp(http_auth_level=func.AuthLevel.ANONYMOUS)

@app.route(route="helloworld")
@AzureRASP(cloud_url = 'https://pyrasp.my.org/config', key = '000000-1111-2222-3333-44444444').register
def helloworld(req):
...

Environment Variables

cloud_url, key and conf values can be set as environment variables:

• PYRASP_CLOUD_URL: URL to retrieve agent configuration from

• PYRASP_KEY: unique key to identify the agent

• PYRASP_CONF: configuration file path

Startup

At startup of the application pyrasp loading information is displayed.

### PyRASP v0.8.3 ##########
[+] Starting PyRASP
[+] Loading configuration from rasp.json
[+] XSS model loaded
[+] SQLI model loaded
[+] PyRASP succesfully started
############################