bandit - Security oriented static analyzer for python code
- bandit [-h] [-r] [-a {file,vuln}] [-n CONTEXT_LINES] [-c CONFIG_FILE]
- targets
- source file(s) or directory(s) to be tested
- -h, --help
- show this help message and exit
- -r, --recursive
- process files in subdirectories
- -a {file,vuln}, --aggregate {file,vuln}
- group results by vulnerability type or file it occurs in
- -n CONTEXT_LINES, --number CONTEXT_LINES
- max number of code lines to display for each issue identified
- -c CONFIG_FILE, --configfile CONFIG_FILE
- test config file, defaults to /etc/bandit/bandit.yaml, or ./bandit.yaml if not given
- -p PROFILE, --profile PROFILE
- test set profile in config to use (defaults to all tests)
- -l, --level
- results level filter
- -f {csv,json,txt,xml}, --format {csv,json,txt,xml}
- specify output format
- -o OUTPUT_FILE, --output OUTPUT_FILE
- write report to filename
- -v, --verbose
- show extra information like excluded and included files
- -d, --debug
- turn on debug mode
- [-p PROFILE] [-l] [-f {csv,json,txt,xml}] [-o OUTPUT_FILE] [-v] [-d] targets [targets ...]
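
The options above combine into a report a CI job can act on, for instance `bandit -r -f json -o report.json src/` (`report.json` and `src/` are placeholder names). The following is an added example, not part of the bandit manual or project: it post-processes such a report, regrouping findings the way `-a {file,vuln}` does and selecting those at or above a chosen severity. The field names `results`, `filename`, `line_number`, `test_name` and `issue_severity` are assumptions about the JSON report layout, and the sample report is constructed.

```python
import json
from collections import defaultdict

# Severity labels, lowest to highest (assumed values of "issue_severity").
SEVERITY_RANK = {"LOW": 1, "MEDIUM": 2, "HIGH": 3}

# Constructed sample in the assumed shape of a `-f json` report (not real output).
SAMPLE_REPORT = json.dumps({"results": [
    {"filename": "app/util.py", "line_number": 12, "issue_severity": "HIGH",
     "test_name": "subprocess_popen_with_shell_equals_true"},
    {"filename": "app/util.py", "line_number": 40, "issue_severity": "MEDIUM",
     "test_name": "hardcoded_tmp_directory"},
    {"filename": "tests/test_util.py", "line_number": 7, "issue_severity": "LOW",
     "test_name": "assert_used"},
    {"filename": "tests/test_util.py", "line_number": 19, "issue_severity": "LOW",
     "test_name": "assert_used"},
]})

def load_results(report_text):
    """Return the list of findings; an empty report yields an empty list."""
    report = json.loads(report_text) if report_text.strip() else {}
    return report.get("results", [])

def aggregate(results, by="file"):
    """Group findings by file path or by test name, mirroring -a {file,vuln}."""
    if by not in ("file", "vuln"):
        raise ValueError("by must be 'file' or 'vuln'")
    key = "filename" if by == "file" else "test_name"
    groups = defaultdict(list)
    for finding in results:
        groups[finding.get(key, "<unknown>")].append(finding)
    return dict(groups)

def gate(results, min_severity="MEDIUM"):
    """Return findings at or above min_severity; a CI job fails if any remain."""
    floor = SEVERITY_RANK[min_severity]
    top = max(SEVERITY_RANK.values())
    # Fail closed: a severity label we do not recognise is treated as the highest.
    return [f for f in results
            if SEVERITY_RANK.get(str(f.get("issue_severity", "")).upper(), top) >= floor]

if __name__ == "__main__":
    findings = load_results(SAMPLE_REPORT)
    for name, items in sorted(aggregate(findings, by="vuln").items()):
        print(f"{name}: {len(items)}")
    blocking = gate(findings, "MEDIUM")
    for f in blocking:
        print(f"{f['filename']}:{f['line_number']} {f['issue_severity']} {f['test_name']}")
    raise SystemExit(1 if blocking else 0)
```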