Preface

Bandit is a tool designed to find common security issues in Python code. To do this, Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes. Once Bandit has finished scanning all the files, it generates a report. (from the official site)

Python code auditing with Bandit

Installing the dependency

macOS

    brew install bandit

Python (any platform)

    pip3 install bandit

  • On Windows the install drops a bandit.exe executable into the Scripts/ directory under the Python installation directory

Auditing Python code

<dir>: the root directory of the source tree; -r scans it recursively

    bandit -r <dir>

Done

References

Bilibili: xiaodisec
PyCQA/bandit