Home / Python / Deep Learning

Privado CLI scans & monitors your repositories to build up privacy-transparency reports & finds privacy issues.

Privado CLI Privado CLI scans & monitors your repositories to build privacy, transparency reports & finds privacy issues. About Privado We are buildin
Information
Category: Python / Deep Learning
Watchers: 0
Star: 4
Fork: 0
Last update: Nov 15, 2021
Resource links
https://github.com/Privado-Inc/privado

Privado CLI

Privado CLI scans & monitors your repositories to build privacy, transparency reports & finds privacy issues.

Slack GitHub stars

About Privado

We are building Privado with a fundamental belief that privacy is the defining problem of this decade and developers want to build Privacy first products. However, current solutions take a top-down checklist kind of compliance approach. Our vision is to enable developers to embed privacy in their products. Our first product is a code scanner built grounds up for privacy which will allow developers to get visibility into privacy issues in their products and will generate transparency reports for the users of these products.

Introducing Code Scanning for Privacy

Code is where the business logic of collecting, sharing and processing of personal data lives. We are scanning the source code to discover personal data, data flows, 3rd party integrations automatically. These scans enable developers to build transparency reports with very little effort and also surfaces privacy issues in the code.

Privacy Reports:

  1. Transparency Report like Privacy Policy
  2. Privacy compliance reports like GDPR Article 30 or RoPA report
  3. Apple Privacy Nutrition Label report
  4. Google Safety Section report

Privacy Issues

We are building a OWASP like list of common privacy issues and will open-source them soon. Some examples of privacy issues are:

  1. Dark Patterns: A pre-checked consent box
  2. Personal data going to logs

This project is still under development, we encourage you to join our slack channel and collaborate with us.

0 Open More issues
Closed

Upgrade to Latest Data Elements

Google renamed the data elements, categories, report format, along with some other minor requirements on 24th February 2022.

Filing upgrade request to reflect the same. Reference (find the section "changelog"):
https://support.google.com/googleplay/android-developer/answer/10787469?hl=en#zippy=%2Cfebruary

enhancement critical 
opened Feb 25, 2022 by ojaswa1942 4
Closed

[BUG] Report PDF is blank

Describe the bug Operating System: MacOS Runt the Privado CLI, fill in all the sections, go to the final screen, and hit "Save as PDF". The downloaded report is blank.

To Reproduce Steps to reproduce the behavior:

  1. Run privado scan
  2. Fill in all the sections, go to the final screen, and hit "Save as PDF"

Expected behavior PDF report should be proper with all the data

bug 
opened Feb 16, 2022 by prashant-privado 3
Closed

[BUG] Unable to Copy: Exits Process

Bug report received as internal feedback, opening here for public tracking and validation:

Describe the bug Operating System: Linux Copy command exits the scanning process.

To Reproduce Steps to reproduce the behavior:

  1. Run privado scan <repo>
  2. Press Ctrl+Shift+C to copy

Expected behavior Do not exit

bug stale 
opened Feb 16, 2022 by ojaswa1942 2
Closed

Sync dev

Includes Installer based changes

opened Apr 27, 2022 by ojaswa1942 1
Closed

Feature: Update Installer

Handle multiple cases:

  1. Add pre-flight checks for docker permissions
  2. Add $PATH on multiple profiles
  3. Add cleanup
  4. Support global installations with sudo
opened Apr 26, 2022 by ojaswa1942 1
Closed

Update Unity SDK values

Is your feature request related to a problem? Please describe. Update Unity SDK values.

Describe the solution you'd like Unity has recently launched documentation for Play Store Data Safety, we need to update our values to those.

enhancement 
opened Mar 11, 2022 by vaibhavantil1 1
Open

[BUG] Ports are not available: exposing port TCP 0.0.0.0:3000 address already in use

Describe the bug

Starting container with the latest image Container ID: 0274c8db4d8f44fae5aac464a26eb46735f60ed97f8a4b74313f5264aa06cc41 Received error: Error response from daemon: Ports are not available: exposing port TCP 0.0.0.0:3000 -> 0.0.0.0:0: listen tcp 0.0.0.0:3000: bind: address already in use

To Reproduce Steps to reproduce the behavior: Trying to run the docker container but no success - Keep getting this error. Tried to change the port, but container wont start

Screenshots image

bug 
opened Jun 30, 2022 by demonguru18 0
Open

[BUG] Incorrect Square SDK element

Describe the bug In my app, I use some square libraries (Otto, Picasso, etc) and the tool think I'm using the Square SDK and need the purchase history

To Reproduce Steps to reproduce the behavior:

  1. Scan an empty app using a square library like Otto or Picasso
  2. See that the generated report include the "purchase history"

Expected behavior "Purchase history" should not appear in the reports

Desktop (please complete the following information):

  • OS: MacOs 12.1
  • Browser Chrome
  • Version 102.0.5005.61 (Build officiel) (x86_64)
bug 
opened Jun 22, 2022 by mathieudebrito 3
Open

[BUG] False Positives not removed

Describe the bug In the data Safety tool, when I mark something as "non personal" in the section "Review Data Types and Occurences in code" or "false positive" in the section "Review Third Party integrations in your app", it seems not taken into account because these are still in the final report.

To Reproduce Steps to reproduce the behavior:

  1. Scan the code of an app
  2. in the "Review Data Types and Occurences in code" mark something as "non personal"
  3. in the "Review Third Party integrations in your app" mark something as "false positive"
  4. In the summary and the generated reports (csv, pdf) the things I marked as "non personal" or "false positive" are still visible

Expected behavior They should not be visible in the final report

Desktop (please complete the following information):

  • OS: mac OS 12.1
  • Browser Chrome
  • Version 102.0.5005.61 (Build officiel) (x86_64)
bug enhancement 
opened Jun 22, 2022 by mathieudebrito 3
Open

[BUG] The website failes to load with "Failed to load data" at the end of the scan

Describe the bug I compiled privado from the repository. Then I scanned an Android app repository with privado. At the end of the scan a web UI on localhost:3000 is provided but it blanks out with "Failed to load data"

To Reproduce Steps to reproduce the behavior:

  1. Distro: Devuan GNU/Linux 5 (daedalus/ceres). Kernel: Linux asus 5.18.0-1-amd64 #1 SMP PREEMPT_DYNAMIC Debian 5.18.2-1 (2022-06-06) x86_64 GNU/Linux
  2. I'm scanning https://github.com/CsabaConsulting/ARPhysics
  3. Went through the README steps of compile from source: cloned the privado repo, installed golang, I already had docker, compiled. No error messages.
  4. Authenticated myself, got the json in email
  5. Bootstrapped provado with the json
  6. privado scan ARPhsyics

Expected behavior I assume the localhost:3000 should show some dashboard of the scan. It actually flashes for 100ms before the error is shown.

Screenshots Screenshot_2022-06-14_21-40-26 Screenshot_2022-06-14_21-40-57 Screenshot_2022-06-14_21-42-12 Screenshot_2022-06-14_21-43-12

Additional context I don't think it's the particular Android app. Looks like a Django instance is running inside the Docker and the DATABASE is not configured? I don't see a configuration file for that the first blink.

bug 
opened Jun 15, 2022 by MrCsabaToth 11

Contents

    eBardX An extensible monitoring framework written in Swift
    eth0izzle Find interesting Amazon S3 Buckets by watching certificate transparency logs.
    chris408 An OSINT tool that discovers sub-domains by searching Certificate Transparency logs
    nsmith5 🔍 Rekor transparency log monitoring and alerting
    abdulrahmanabdulazeez Port-Fin(port finder) is a tool which scans for open and closed port on a website/host. This tool scans the state of the well known/common ports.
    trailofbits PrivacyRaven is a privacy testing library for deep learning systems.
    hidde A starter pack for creating WCAG conformance reports with Eleventy
    johnspurlock Local viewer for App Privacy Reports in iOS 15
    m4ll0k GCTExposer - Discover sub-domains by searching through Certificate Transparency logs
    praveen-palanisamy C++ implementation to Detect, track and classify multiple objects using LIDAR scans or point cloud
    google A transparent and secure way to look up public keys.
    davidmascharka Transparency-by-Design networks (TbD-nets)
    kpcyrd Experimental binary transparency for pacman with sigstore and rekor
    d4t4s3c CRTEnum - Discovery subdomains from logs in the transparency certificates on HTTPS websites.
    augmentable-dev Query git repositories with SQL. Generate reports, perform status checks, analyze codebases. 🔍 📊
    tensorflow Library for training machine learning models with privacy for training data
    mrpollbot Privacy Policy for Mr Poll
    Privado-Inc Privacy details of SDKs for Apple Privacy Nutrition & Google Safety Section disclosure.
    intive-FDV Dynamic Reports using Jasper Reports
    breml Go linter that checks types that are json encoded - reports unsupported types and unnecessary error checks
    rsc Print version used to build Go executables
    Share this repo

    Related Repos


    Deep Learning
    837
    An implementation of chunked, compressed, N-dimensional arrays for Python.
    zarr-developers Zarr Latest Release Package Status License Build Status Coverage Downloads Gitter Citation What is it? Zarr is a Python package providing an implement
     
    Deep Learning
    317
    Serverless proxy for Spark cluster
    Hydrospheredata Hydrosphere Mist Hydrosphere Mist is a serverless proxy for Spark cluster. Mist provides a new functional programming framework and deployment model f
     
    Deep Learning
    2.5k
    Distributed Tensorflow, Keras and PyTorch on Apache Spark/Flink & Ray
    intel-analytics Distributed TensorFlow, PyTorch, Keras and BigDL on Apache Spark & Ray Analytics Zoo is an open source Big Data AI platform, and includes the followin
     
    Deep Learning
    10
    Black-Scholes StarkNet Library
    araghava Cairo Black-Scholes Library Black-Scholes library implemented as a Cairo smart contract. All inputs, outputs, and internal calculations use 27-digit f
     
    Deep Learning
    5
    Motoko library to help create an append-only logger actor
    ninegua IC Logger This motoko library provides a module to help create an append-only logger actor. Usage You can use this library with the vessel package man
     
    Deep Learning
    4
    LeetCode_Solution
    ashishpatel26 LeetCode_Solution LeetCode: https://leetcode.com/problemset/all/ # Title Difficulty Colab Code 1 Two Sum Easy 2 Add Two Numbers Medium 3 Longest Subst
     
    Deep Learning
    4
    OCR-D wrapper for detectron2 based segmentation models
    bertsky ocrd_detectron2 OCR-D wrapper for detectron2 based segmentation models Introduction Installation Usage OCR-D processor interface ocrd-detectron2-segm
     
    Deep Learning
    134
    Check for LDAP protections regarding the relay of NTLM authentication
    zyn3rgy LDAP Relay Scan A tool to check Domain Controllers for LDAP server protections regarding the relay of NTLM authentication. If you're interested in the
     
    Deep Learning
    66
    Fuzzware's main repository. Start here to install.
    fuzzware-fuzzer Fuzzware Fuzzware is a project for automated, self-configuring fuzzing of firmware images. The idea of this project is to configure the memory ranges
     
    Deep Learning
    35
    Time Weighted Asset Mints
    abigger87 TWAM â€Ē Time Weighted Asset Mints A minting harness enabling time-weighted assets to determine minting prices. How it works Requirements: maxMintingAmo
     
    Deep Learning
    33
    A complete, self-contained example for training ImageNet at state-of-the-art speed with FF...
    libffcv ffcv ImageNet Training A minimal, single-file PyTorch ImageNet training script designed for hackability. Run train_imagenet.py to get... ...high accur
     
    Deep Learning
    33
    āđ€āļ­āļāļŠāļēāļĢāļ›āļĢāļ°āļāļ­āļšāļāļēāļĢāļŠāļ­āļ™āļ—āļļāļāđ€āļ™āļ·āđ‰āļ­āļŦāļēāđƒāļ™āļŠāđˆāļ­āļ‡āļĒāļđāļ—āļđāļ› KongRuksiam Official
    kongruksiamza 📖 āđ€āļ­āļāļŠāļēāļĢāļ›āļĢāļ°āļāļ­āļšāļāļēāļĢāļŠāļ­āļ™ (PDF) 🔏 Blockchain & Smart Contract Blockchain āđ€āļšāļ·āđ‰āļ­āļ‡āļ•āđ‰āļ™ Smart Contract & Solidity āđ€āļšāļ·āđ‰āļ­āļ‡āļ•āđ‰āļ™ ðŸ’ŧ Programming āđ€āļ‚āļĩāļĒāļ™āđ‚āļ›āļĢāđāļāļĢāļĄāļ āļēāļĐāļē Ja
     
    Deep Learning
    34
    Omnivore A Single Model for Many Visual Modalities
    facebookresearch Omnivore: A Single Model for Many Visual Modalities [paper][website] OMNIVORE is a single vision model for many different visual modalities. It learns
     
    Deep Learning
    30
    Python implementation of the Lox language from Robert Nystrom's Crafting Interpreters
    dabeaz pylox Python implementation of the Lox language from Robert Nystrom's Crafting Interpreters. https://craftinginterpreters.com. This only implements th
     
    Deep Learning
    29
    ParaGen is a PyTorch deep learning framework for parallel sequence generation.
    bytedance ParaGen ParaGen is a PyTorch deep learning framework for parallel sequence generation. Apart from sequence generation, ParaGen also enhances various N