Aly Sivji

Posted on • Edited on • Originally published at alysivji.github.io

Finding Common Security Issues in Python Code with Bandit

This post was originally published on Siv Scripts

Bandit is a static analysis tool that finds common security issues in Python code. The command line utility scans .py files (recursively over a directory with `bandit -r`) and generates a report that lists each finding with a severity rating and a confidence rating, so you can triage the high-severity, high-confidence results first.

I ran Bandit on a few of my repositories and found I was using md5 to hash passwords in one of my side projects. It was a hack with a TODO fix comment, but I had forgotten about it. Thanks to Bandit, I have changed my password hashing algorithm to bcrypt. I also learned about PassLib while researching how to salt and hash passwords.
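To make the finding concrete, here is an added example (not code from the original post or from the author's project) showing the pattern Bandit flags, an unsalted `hashlib.md5` call used for passwords, next to a hardened stand-in. The post's author moved to bcrypt via PassLib; this example instead uses PBKDF2-HMAC-SHA256 from the standard library so it runs with no third-party dependency, and the iteration count and storage format (`scheme$iterations$salt$digest`) are assumptions for illustration, not a recommendation from the post.

```python
"""Added example, not from the original post.

Before: an unsalted md5 digest, the kind of call Bandit reports.
After:  a salted, slow key-derivation function (PBKDF2-HMAC-SHA256 from the
        standard library, used here as a dependency-free stand-in for the
        bcrypt-via-PassLib approach the post's author adopted).
"""
import hashlib
import hmac
import os

# --- Before: what Bandit flags. md5 is fast and, used like this, unsalted:
# every user with the same password gets the same hash, and a precomputed
# table recovers common passwords almost instantly.
def hash_password_md5(password: str) -> str:
    return hashlib.md5(password.encode("utf-8")).hexdigest()


# --- After: salted, deliberately slow, and verified in constant time.
PBKDF2_ITERATIONS = 600_000  # assumption: a current-ish work factor; tune for your hardware
SALT_BYTES = 16              # 128-bit random salt per password
SCHEME = "pbkdf2_sha256"


def hash_password(password: str, *, iterations: int = PBKDF2_ITERATIONS) -> str:
    """Return a self-describing string: scheme$iterations$salt_hex$digest_hex."""
    salt = os.urandom(SALT_BYTES)
    digest = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, iterations)
    # Storing the parameters alongside the digest lets you raise the work
    # factor later and still verify hashes created under the old setting.
    return f"{SCHEME}${iterations}${salt.hex()}${digest.hex()}"


def verify_password(password: str, stored: str) -> bool:
    """Recompute the digest with the stored salt and parameters and compare."""
    try:
        scheme, iterations, salt_hex, digest_hex = stored.split("$")
        salt = bytes.fromhex(salt_hex)
        expected = bytes.fromhex(digest_hex)
        rounds = int(iterations)
    except ValueError:
        return False  # malformed record: never treat as a match
    if scheme != SCHEME:
        return False
    candidate = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, rounds)
    # compare_digest avoids leaking, via timing, how many bytes matched.
    return hmac.compare_digest(candidate, expected)


if __name__ == "__main__":
    # Two users choosing the same password: identical md5, distinct PBKDF2 records.
    print("md5 identical:", hash_password_md5("hunter2") == hash_password_md5("hunter2"))
    a, b = hash_password("hunter2"), hash_password("hunter2")
    print("pbkdf2 identical:", a == b)
    print("verify ok:", verify_password("hunter2", a), "wrong pw:", verify_password("hunter3", a))
```

Running `bandit -r` over a file containing the first function is enough to reproduce the kind of report the post describes; the second pair of functions is what the fix looks like in principle, whichever slow hash you pick.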

The Rackspace blog has a post on Getting Started with Bandit that I recommend checking out.
