├── .github └── workflows │ ├── ci.yaml │ └── release.yaml ├── .gitignore ├── LICENSE ├── MANIFEST.in ├── README.md ├── SECURITY.md ├── flake8_bandit.py ├── setup.py └── tests ├── __init__.py ├── assert.py ├── binding.py ├── cipher-modes.py ├── ciphers.py ├── crypto-md5.py ├── dill.py ├── django_sql_injection_extra.py ├── django_sql_injection_raw.py ├── eval.py ├── exec-py2.py ├── exec-py3.py ├── flask_debug.py ├── ftplib.py ├── hardcoded-passwords.py ├── hardcoded-tmp.py ├── hashlib_new_insecure_functions.py ├── httplib_https.py ├── httpoxy_cgihandler.py ├── httpoxy_twisted_directory.py ├── httpoxy_twisted_script.py ├── imports-aliases.py ├── imports-from.py ├── imports-function.py ├── imports-with-importlib.py ├── imports.py ├── input.py ├── jinja2_templating.py ├── mako_templating.py ├── mark_safe.py ├── mark_safe_insecure.py ├── mark_safe_secure.py ├── marshal_deserialize.py ├── mktemp.py ├── multiline_statement.py ├── new_candidates-all.py ├── new_candidates-none.py ├── new_candidates-nosec.py ├── new_candidates-some.py ├── no_host_key_verification.py ├── nonsense.py ├── nosec.py ├── okay.py ├── os-chmod-py2.py ├── os-chmod-py3.py ├── os-exec.py ├── os-popen.py ├── os-spawn.py ├── os-startfile.py ├── os_system.py ├── paramiko_injection.py ├── partial_path_process.py ├── pickle_deserialize.py ├── popen_wrappers.py ├── pycrypto.py ├── pycryptodome.py ├── random_module.py ├── requests-ssl-verify-disabled.py ├── skip.py ├── sql_statements-py36.py ├── sql_statements.py ├── ssl-insecure-version.py ├── subprocess_shell.py ├── telnetlib.py ├── tempnam.py ├── test_bandit.py ├── try_except_continue.py ├── try_except_pass.py ├── unverified_context.py ├── urlopen.py ├── weak_cryptographic_key_sizes.py ├── wildcard-injection.py ├── xml_etree_celementtree.py ├── xml_etree_elementtree.py ├── xml_expatbuilder.py ├── xml_expatreader.py ├── xml_lxml.py ├── xml_minidom.py ├── xml_pulldom.py ├── xml_sax.py ├── xml_xmlrpc.py └── yaml_load.py /.github/workflows/ci.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/.github/workflows/ci.yaml -------------------------------------------------------------------------------- /.github/workflows/release.yaml: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/.github/workflows/release.yaml -------------------------------------------------------------------------------- /.gitignore: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/.gitignore -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/LICENSE -------------------------------------------------------------------------------- /MANIFEST.in: -------------------------------------------------------------------------------- 1 | include README.md LICENSE -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/README.md -------------------------------------------------------------------------------- /SECURITY.md: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/SECURITY.md -------------------------------------------------------------------------------- /flake8_bandit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/flake8_bandit.py -------------------------------------------------------------------------------- /setup.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/setup.py -------------------------------------------------------------------------------- /tests/__init__.py: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /tests/assert.py: -------------------------------------------------------------------------------- 1 | assert True 2 | -------------------------------------------------------------------------------- /tests/binding.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/binding.py -------------------------------------------------------------------------------- /tests/cipher-modes.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/cipher-modes.py -------------------------------------------------------------------------------- /tests/ciphers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/ciphers.py -------------------------------------------------------------------------------- /tests/crypto-md5.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/crypto-md5.py -------------------------------------------------------------------------------- /tests/dill.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/dill.py -------------------------------------------------------------------------------- /tests/django_sql_injection_extra.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/django_sql_injection_extra.py -------------------------------------------------------------------------------- /tests/django_sql_injection_raw.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/django_sql_injection_raw.py -------------------------------------------------------------------------------- /tests/eval.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/eval.py -------------------------------------------------------------------------------- /tests/exec-py2.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/exec-py2.py -------------------------------------------------------------------------------- /tests/exec-py3.py: -------------------------------------------------------------------------------- 1 | exec("do evil") 2 | -------------------------------------------------------------------------------- /tests/flask_debug.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/flask_debug.py -------------------------------------------------------------------------------- /tests/ftplib.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/ftplib.py -------------------------------------------------------------------------------- /tests/hardcoded-passwords.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/hardcoded-passwords.py -------------------------------------------------------------------------------- /tests/hardcoded-tmp.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/hardcoded-tmp.py -------------------------------------------------------------------------------- /tests/hashlib_new_insecure_functions.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/hashlib_new_insecure_functions.py -------------------------------------------------------------------------------- /tests/httplib_https.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/httplib_https.py -------------------------------------------------------------------------------- /tests/httpoxy_cgihandler.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/httpoxy_cgihandler.py -------------------------------------------------------------------------------- /tests/httpoxy_twisted_directory.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/httpoxy_twisted_directory.py -------------------------------------------------------------------------------- /tests/httpoxy_twisted_script.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/httpoxy_twisted_script.py -------------------------------------------------------------------------------- /tests/imports-aliases.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/imports-aliases.py -------------------------------------------------------------------------------- /tests/imports-from.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/imports-from.py -------------------------------------------------------------------------------- /tests/imports-function.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/imports-function.py -------------------------------------------------------------------------------- /tests/imports-with-importlib.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/imports-with-importlib.py -------------------------------------------------------------------------------- /tests/imports.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/imports.py -------------------------------------------------------------------------------- /tests/input.py: -------------------------------------------------------------------------------- 1 | input() 2 | -------------------------------------------------------------------------------- /tests/jinja2_templating.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/jinja2_templating.py -------------------------------------------------------------------------------- /tests/mako_templating.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/mako_templating.py -------------------------------------------------------------------------------- /tests/mark_safe.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/mark_safe.py -------------------------------------------------------------------------------- /tests/mark_safe_insecure.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/mark_safe_insecure.py -------------------------------------------------------------------------------- /tests/mark_safe_secure.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/mark_safe_secure.py -------------------------------------------------------------------------------- /tests/marshal_deserialize.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/marshal_deserialize.py -------------------------------------------------------------------------------- /tests/mktemp.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/mktemp.py -------------------------------------------------------------------------------- /tests/multiline_statement.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/multiline_statement.py -------------------------------------------------------------------------------- /tests/new_candidates-all.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/new_candidates-all.py -------------------------------------------------------------------------------- /tests/new_candidates-none.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/new_candidates-none.py -------------------------------------------------------------------------------- /tests/new_candidates-nosec.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/new_candidates-nosec.py -------------------------------------------------------------------------------- /tests/new_candidates-some.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/new_candidates-some.py -------------------------------------------------------------------------------- /tests/no_host_key_verification.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/no_host_key_verification.py -------------------------------------------------------------------------------- /tests/nonsense.py: -------------------------------------------------------------------------------- 1 | test(hi 2 | -------------------------------------------------------------------------------- /tests/nosec.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/nosec.py -------------------------------------------------------------------------------- /tests/okay.py: -------------------------------------------------------------------------------- 1 | print('hopefully no vulnerabilities here') 2 | -------------------------------------------------------------------------------- /tests/os-chmod-py2.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/os-chmod-py2.py -------------------------------------------------------------------------------- /tests/os-chmod-py3.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/os-chmod-py3.py -------------------------------------------------------------------------------- /tests/os-exec.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/os-exec.py -------------------------------------------------------------------------------- /tests/os-popen.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/os-popen.py -------------------------------------------------------------------------------- /tests/os-spawn.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/os-spawn.py -------------------------------------------------------------------------------- /tests/os-startfile.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/os-startfile.py -------------------------------------------------------------------------------- /tests/os_system.py: -------------------------------------------------------------------------------- 1 | import os 2 | 3 | os.system('/bin/echo hi') 4 | -------------------------------------------------------------------------------- /tests/paramiko_injection.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/paramiko_injection.py -------------------------------------------------------------------------------- /tests/partial_path_process.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/partial_path_process.py -------------------------------------------------------------------------------- /tests/pickle_deserialize.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/pickle_deserialize.py -------------------------------------------------------------------------------- /tests/popen_wrappers.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/popen_wrappers.py -------------------------------------------------------------------------------- /tests/pycrypto.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/pycrypto.py -------------------------------------------------------------------------------- /tests/pycryptodome.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/pycryptodome.py -------------------------------------------------------------------------------- /tests/random_module.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/random_module.py -------------------------------------------------------------------------------- /tests/requests-ssl-verify-disabled.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/requests-ssl-verify-disabled.py -------------------------------------------------------------------------------- /tests/skip.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/skip.py -------------------------------------------------------------------------------- /tests/sql_statements-py36.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/sql_statements-py36.py -------------------------------------------------------------------------------- /tests/sql_statements.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/sql_statements.py -------------------------------------------------------------------------------- /tests/ssl-insecure-version.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/ssl-insecure-version.py -------------------------------------------------------------------------------- /tests/subprocess_shell.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/subprocess_shell.py -------------------------------------------------------------------------------- /tests/telnetlib.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/telnetlib.py -------------------------------------------------------------------------------- /tests/tempnam.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/tempnam.py -------------------------------------------------------------------------------- /tests/test_bandit.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/test_bandit.py -------------------------------------------------------------------------------- /tests/try_except_continue.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/try_except_continue.py -------------------------------------------------------------------------------- /tests/try_except_pass.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/try_except_pass.py -------------------------------------------------------------------------------- /tests/unverified_context.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/unverified_context.py -------------------------------------------------------------------------------- /tests/urlopen.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/urlopen.py -------------------------------------------------------------------------------- /tests/weak_cryptographic_key_sizes.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/weak_cryptographic_key_sizes.py -------------------------------------------------------------------------------- /tests/wildcard-injection.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/wildcard-injection.py -------------------------------------------------------------------------------- /tests/xml_etree_celementtree.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/xml_etree_celementtree.py -------------------------------------------------------------------------------- /tests/xml_etree_elementtree.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/xml_etree_elementtree.py -------------------------------------------------------------------------------- /tests/xml_expatbuilder.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/xml_expatbuilder.py -------------------------------------------------------------------------------- /tests/xml_expatreader.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/xml_expatreader.py -------------------------------------------------------------------------------- /tests/xml_lxml.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/xml_lxml.py -------------------------------------------------------------------------------- /tests/xml_minidom.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/xml_minidom.py -------------------------------------------------------------------------------- /tests/xml_pulldom.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/xml_pulldom.py -------------------------------------------------------------------------------- /tests/xml_sax.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/xml_sax.py -------------------------------------------------------------------------------- /tests/xml_xmlrpc.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/xml_xmlrpc.py -------------------------------------------------------------------------------- /tests/yaml_load.py: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/tylerwince/flake8-bandit/HEAD/tests/yaml_load.py --------------------------------------------------------------------------------