# Python

## Server using python

test a possible **code execution**, using the function _str\(\)_:

```python
"+str(True)+" #If the string True is printed, then it is vulnerable
```

You [can find here **several tricks**](../../misc/basic-python/bypass-python-sandboxes.md) to obtain **code executing** in python if you can execute arbitrary code.

### \*\*\*\*[**Python Deserialization**](../../pentesting-web/deserialization/#python)\*\*\*\*