Finding Common Security Issues in Python Code with Bandit
Posted by Aly Sivji in Quick Hits
Bandit is a static analysis tool that finds common security issues in Python code. The command-line utility scans .py files and generates a report that groups the issues it finds by confidence and severity.
I ran Bandit on a few of my repositories and found I was using md5 to hash passwords in one of my side projects. It was a hack with a TODO fix comment, but I had forgotten about it. Thanks to Bandit, I have changed my password hashing algorithm to bcrypt2. I also learned about PassLib as I was researching how to salt and hash passwords.
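As an added example (not code from the post, from Bandit or from PassLib), here is the unsalted md5 pattern Bandit reports next to a salted, iterated replacement built only from the standard library; the algorithm label, iteration count and storage format are assumptions made for this example.

```python
"""Added example: the unsalted-md5 pattern Bandit reports, beside a salted,
iterated replacement built from the stdlib. Scan a tree with: bandit -r <path>
"""
import hashlib
import hmac
import os

# Assumed, constructed parameters for this example; raise the iteration count
# for production (PBKDF2 cost grows linearly with it).
ALGORITHM = "pbkdf2_sha256"
ITERATIONS = 200_000
SALT_BYTES = 16


def hash_password_md5(password: str) -> str:
    """The 'before': what Bandit flags. Unsalted, fast, and identical for
    identical passwords, so a leaked table is reversible by simple lookup."""
    return hashlib.md5(password.encode("utf-8")).hexdigest()


def hash_password(password: str, iterations: int = ITERATIONS) -> str:
    """The 'after': a random per-user salt plus a deliberately slow KDF.
    Stored as a self-describing string so the cost can be raised later."""
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    return f"{ALGORITHM}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute with the stored salt and iteration count, then compare in
    constant time so the check leaks nothing about where the bytes differ."""
    try:
        algorithm, iterations, salt_hex, digest_hex = stored.split("$")
        rounds = int(iterations)
        salt, digest = bytes.fromhex(salt_hex), bytes.fromhex(digest_hex)
    except ValueError:  # malformed or truncated record
        return False
    if algorithm != ALGORITHM:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    return hmac.compare_digest(candidate, digest)


if __name__ == "__main__":
    # Two md5 hashes of one password collide; two salted hashes never do.
    print(hash_password_md5("hunter2") == hash_password_md5("hunter2"))  # True
    stored = hash_password("hunter2")
    print(stored != hash_password("hunter2"), verify_password("hunter2", stored))  # True True
```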
The Rackspace blog has a post on Getting Started with Bandit that I recommend checking out.