Skip to content
/ pyraider Public

Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.

pyraider.raidersource.com

License

MIT license
17 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

tilakthimmappa/pyraider

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

55 Commits
img
img
 
 
pyraider
pyraider
 
 
tests
tests
 
 
.gitignore
.gitignore
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
SECURITY.md
SECURITY.md
 
 
requirements.txt
requirements.txt
 
 

Repository files navigation

PyRaider

Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database. Documentation

version python version license Downloads Discord Twitter

pyraider

Usage

Table of Contents

  1. Installation
  2. Usage
  3. Scan Dependencies
  4. Scan Dependencies by Severity
  5. Report
  6. Outdated package check
  7. CI/CD
  8. Fix
  9. Autofix
  10. Release Note
  11. Help

Documentation

Install pyraider using pip or pyenv

pip install pyraider
pyenv install pyraider

To check the list of options available.

pyraider -h

Scan Vulnerabilities against the dependencies

Using PyRaider you can scan the vulnerable packages.

To run basic scan you can use pyraider go command.

It will automatically detects the installed packages and scans against it and shows the report.

pyraider go

If you want to scan you packages against requirements.txt or Pipfile.lock file.

pyraider check -f /Users/raider/project/requirements.txt
pyraider check -f /Users/raider/project/Pipfile.lock

Reports

PyRaider currently supports JSON, HTML and CSV formats.

To Export as a JSON file.

pyraider go -e json result.json
pyraider check -f /Users/raider/project/requirements.txt -e json result.json

To Export as a CSV file.

pyraider go -e csv result.csv
pyraider check -f /Users/raider/project/requirements.txt -e csv result.csv

To Export as a HTML file.

pyraider check -f go -e html result.html
pyraider check -f /Users/raider/project/requirements.txt -e html result.html

Out of Date Pacakges

Using PyRaider you can check the latest packages. Against installed packages.

pyraider validate -p django==1.11.13
pyraider validate -f /Users/raider/project/requirements.txt
pyraider validate -f /Users/raider/project/Pipfile.lock

Auto Fix

PyRaider also supports fix feature. Using this you can fix the vulnerable packages.

Note: To updating the packages might affect your application.

Fix

You can fix vulnerable package.

pyraider fix

Fix by Severity

pyraider fix -s high

Autofix

You can also autofix vulnerable packages.

pyraider autofix

Autofix by severity

pyraider autofix -s high

Update latest database

Now you can update the resource database with latest updated vulnerabilities

pyraider updatedb

Docker container

You can also run pyraider has a docker container.

Build docker container image

docker build -t pyraider .

Contact us:

Contribute

  • We welcome contributions to this project in the form of:
    • Feature Requests, Suggestions
    • Bugs
    • Help with writing tests
    • Add-on features, plugins, etc
    • Documentation

Author

About

Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.

pyraider.raidersource.com

Topics

python security dependency-analysis supply-chain pip vulnerabilities vulnerability-detection sca vulnerability-scanners security-tools devsecops pipenv developer-tool devsecops-pipeline

Resources

Readme

License

MIT license

Security policy

Security policy
Activity

Stars

17 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases 2

v1.0.18 Latest
Mar 26, 2022
+ 1 release

Packages

No packages published

Contributors 2

  •  
  •  

Languages