bandit - Security-oriented static analyzer for Python code

- bandit [-h] [-r] [-a {file,vuln}] [-n CONTEXT_LINES] [-c CONFIG_FILE]
  [-p PROFILE] [-l] [-f {csv,json,txt,xml}] [-o OUTPUT_FILE]
  [-v] [-d] targets [targets ...]
-
- targets
- source file(s) or directory(ies) to be tested
-
-h, --help
- show this help message and exit
-
-r, --recursive
- process files in subdirectories
-
-a {file,vuln}, --aggregate {file,vuln}
- group results by vulnerability type or by the file they occur in
-
-n CONTEXT_LINES, --number CONTEXT_LINES
- maximum number of code lines to display for each issue identified
-
-c CONFIG_FILE, --configfile CONFIG_FILE
- test config file; defaults to /etc/bandit/bandit.yaml, or ./bandit.yaml if not given
-
-p PROFILE, --profile PROFILE
- test set profile in the config to use (defaults to all tests)
-
-l, --level
- results level filter
-
-f {csv,json,txt,xml}, --format {csv,json,txt,xml}
- specify output format
-
-o OUTPUT_FILE, --output OUTPUT_FILE
- write report to filename
-
-v, --verbose
- show extra information such as excluded and included files
-
-d, --debug
- turn on debug mode
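A typical invocation combining the options above, as an added example that is not part of the bandit man page: it builds a small constructed Python source tree, then scans it recursively with findings grouped by test, three lines of context, and a JSON report written to a file. It assumes bandit is on PATH and that one of its default config locations applies; the `make_sample_tree` and `scan_with_bandit` function names are this example's own.

```shell
# Added example, not part of the bandit man page. Runs bandit over a directory
# with the documented options and writes a JSON report for later triage.
# Assumes bandit is on PATH and that one of its default config locations
# (/etc/bandit/bandit.yaml or ./bandit.yaml) applies; otherwise add -c CONFIG_FILE.

# Create a small constructed source tree for the scan (hypothetical sample code).
# Usage: make_sample_tree DIR
make_sample_tree() {
    mkdir -p "$1/pkg"
    cat > "$1/pkg/runner.py" <<'EOF'
import subprocess


def run(cmd):
    # shell=True hands the whole string to /bin/sh; this is the kind of call
    # a static analyzer should surface for review.
    return subprocess.call(cmd, shell=True)
EOF
}

# Usage: scan_with_bandit TARGET_DIR REPORT_FILE
# Returns bandit's own exit status when it ran, or 2 if bandit is not installed.
scan_with_bandit() {
    target="$1"
    report="$2"
    if ! command -v bandit >/dev/null 2>&1; then
        echo "bandit not found on PATH" >&2
        return 2
    fi
    # -r       recurse into subdirectories
    # -a vuln  group findings by test rather than by file
    # -n 3     show three lines of context per finding
    # -f json  machine-readable output; -o writes it to REPORT_FILE
    # -v       also list which files were included and excluded
    bandit -r -a vuln -n 3 -f json -o "$report" -v "$target"
}

# Stand-alone run: scan the directory given as the first argument.
if [ "$#" -gt 0 ]; then
    scan_with_bandit "$1" "${2:-bandit-report.json}"
fi
```

The JSON report is the artifact to keep: it can be diffed between runs or fed to a CI gate, while the `-v` listing of included and excluded files is the quickest way to confirm the scan actually covered the code you expected.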