Tool and Usage
|License|Apache License 2.0|
|Latest release|1.7.0|
Why this tool?
Bandit is a tool that can be used during development or afterwards. Typically it is used by developers to find common security issues in Python code before the code goes into production. Another use case is analyzing existing projects to find possible flaws.
How it works
Bandit processes each file and builds an AST from it. Then it runs the appropriate plugins against the AST nodes and collects any findings. These findings are displayed on the screen, followed by a report. The report itself contains the number of findings by priority and confidence.
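To show the AST-plus-plugins model just described, here is a small added example of my own (not Bandit's own code): two hypothetical plugin functions inspect every AST node, flag eval()/exec() calls and subprocess calls made with shell=True, and the collected findings are counted by severity and confidence as a report summary. The sample source being scanned is constructed for this illustration.

```python
import ast
from collections import Counter
from dataclasses import dataclass


@dataclass
class Finding:
    test_id: str      # short identifier of the check that fired (hypothetical names)
    severity: str
    confidence: str
    lineno: int
    message: str


def check_eval_exec(node):
    # Plugin: flag calls to the builtins eval()/exec(), which run arbitrary code.
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Name) \
            and node.func.id in ("eval", "exec"):
        return Finding("EVAL", "MEDIUM", "HIGH", node.lineno,
                       f"use of {node.func.id}() with possibly untrusted input")
    return None


def check_shell_true(node):
    # Plugin: flag subprocess.<func>(..., shell=True), a shell-injection risk.
    if isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute) \
            and isinstance(node.func.value, ast.Name) \
            and node.func.value.id == "subprocess":
        for kw in node.keywords:
            if kw.arg == "shell" and isinstance(kw.value, ast.Constant) \
                    and kw.value.value is True:
                return Finding("SHELL", "HIGH", "HIGH", node.lineno,
                               "subprocess call with shell=True")
    return None


PLUGINS = [check_eval_exec, check_shell_true]


def scan_source(source):
    # Build the AST once, then run every plugin against every node.
    tree = ast.parse(source)
    findings = [f for node in ast.walk(tree) for p in PLUGINS if (f := p(node))]
    return sorted(findings, key=lambda f: f.lineno)


def summarize(findings):
    # Report section: number of findings by severity and by confidence.
    return {"by_severity": dict(Counter(f.severity for f in findings)),
            "by_confidence": dict(Counter(f.confidence for f in findings))}


SAMPLE = """import subprocess

def run(cmd, expr):
    subprocess.call(cmd, shell=True)
    return eval(expr)

subprocess.call(["ls", "-l"])  # argument list, no shell: not flagged
"""
```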
Usage and audience
Bandit is commonly used for code analysis. Target users for this tool are developers, pentesters, and security professionals.
- Command line interface
- CSV output supported
- HTML output
- JSON output supported
Example usage and output
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + More than 50 contributors
- + The source code of this software is available
- + Supported by a large company
Supported operating systems
Bandit is known to work on Linux.
Several dependencies are required to use Bandit.
Similar tools to Bandit:
Python Taint (or PyT) is a static code analyzer for Python scripts and applications. It tries to discover vulnerabilities or other possible weaknesses.
Graudit is a security tool to perform static code analysis by using the grep tool. It is a lightweight solution to find common issues in code.
Gosec is a security tool that performs static code analysis on Golang projects to find security flaws.