DEV Community

Aly Sivji
Aly Sivji

Posted on • Edited on • Originally published at alysivji.github.io

10 5

Finding Common Security Issues in Python Code with Bandit

#python #security

This post was originally published on Siv Scripts

Bandit is a static analysis tool that can find common security issues in Python code. The command line utility scans .py files and generates a report detailing issues by confidence and severity.

I ran Bandit on a few of my repositories and found I was using md5 to hash passwords in one of my side projects. It was a hack with a TODO fix comment, but I had forgotten about it. Thanks to Bandit, I have changed my password hashing algorithm to bcrypt2. Also learned about PassLib as I was researching how to salt and hash passwords.

The Rackspace blog has a post on Getting Started with Bandit that I recommend checking out.

profile
Datadog
 Promoted

Image of Datadog

The Essential Toolkit for Front-end Developers

Take a user-centric approach to front-end monitoring that evolves alongside increasingly complex frameworks and single-page applications.

Get The Kit

Top comments (0)

profile
Sentry
 Promoted

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

Read next

7jw92nvd1klaq1 profile image

picoCTF "Breadth" Walkthrough

SJ W -

danielcristho profile image

Automating Flask & PostgreSQL Deployment on KVM with Terraform & Ansible

Daniel Pepuho -

shubhsk profile image

AI Engineer's Tool Review: Guardrails AI

shubhanshu -

pkutaj profile image

Explaining defaultdict in Python

Pavol Z. Kutaj -

👋 Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay