Network device configuration security analysis tool (Development Version - Not Production Ready)
Project description
PyBastion
⚠️ DEVELOPMENT VERSION - NOT PRODUCTION READY ⚠️
A comprehensive Python application for analyzing network device configurations to identify security vulnerabilities, compliance violations, and best practice deviations.
🚧 Current Status
This package is in active development and is not ready for production use.
- Version: 0.0.1 (Pre-Alpha)
- Purpose: PyPI name reservation and early development preview
- Stability: Features may change significantly between versions
- Testing: Limited functionality currently available
What's Working
- Basic project structure and framework
- Core architecture design
- Development environment setup
What's Coming
- Configuration file parsing for multiple vendors
- Security analysis and compliance checking
- Comprehensive reporting capabilities
- Full CLI interface
Planned Features
-
Multi-vendor Support: Parse and analyze configurations from:
- Cisco IOS
- Cisco ASA
- FortiGate FortiOS
- PaloAlto PAN-OS
-
Security Analysis:
- CIS Benchmark compliance checks (Level 1)
- Access control list analysis
- Best practice validation
- Vulnerability assessment using CVE Details API
- End-of-life software detection
-
Flexible Reporting: Generate reports in JSON, HTML, and Excel formats
-
Modern Architecture: Built with Python 3.12+, SQLModel, DuckDB, and Click
Installation
⚠️ Warning: This is a development version. Installing from PyPI will give you a minimal placeholder package.
Prerequisites
- Python 3.12 or higher
- UV package manager (recommended for development)
Install from PyPI (Development Version)
pip install pybastion
Note: The PyPI version currently provides only basic structure and will display warnings when imported. Most functionality is not yet implemented.
Development Installation (Recommended)
To work with the actual development code:
git clone https://github.com/flyguy62n/pybastion.git
cd pybastion
uv sync
Development Status & Roadmap
Planned Usage (Coming Soon)
Once development is complete, PyBastion will support:
# Scan a single configuration file
pybastion scan files router.cfg
# Scan multiple files with device type specification
pybastion scan files --device-type cisco-ios *.cfg
# Scan directory recursively
pybastion scan files --recursive /path/to/configs/
# Generate HTML report
pybastion scan files --format html --output report.html *.cfg
Generate Reports
# Generate report from database
pybastion report generate --database scan.db --format excel --output report.xlsx
Validate Configurations
# Validate configuration syntax
pybastion validate config router.cfg --device-type cisco-ios
Contributing
We welcome contributions! Since this is in early development:
- Check the Issues for current tasks
- Fork the repository
- Create a feature branch
- Submit a pull request
Development Setup
git clone https://github.com/flyguy62n/pybastion.git
cd pybastion
uv sync --group dev
uv run pytest
Architecture
The application follows a modular, extensible architecture:
src/pybastion/
├── cli/ # Command-line interface
├── core/ # Core scanning logic
├── models/ # Data models and schemas
├── parsers/ # Device-specific parsers
├── analyzers/ # Security analysis engines
├── api_clients/ # External API integrations
├── reports/ # Report generation
└── utils/ # Utility functions
Development Status
Completed
- ✅ Project structure and architecture design
- ✅ Core framework setup
- ✅ Development environment configuration
- ✅ Base model classes and interfaces
In Progress
- 🚧 Configuration file parsers
- 🚧 Security analysis engines
- 🚧 CLI interface implementation
Planned
- 📅 API client integrations (CVE Details, End of Life)
- 📅 Report generation system
- 📅 Comprehensive test suite
- 📅 Documentation and examples
Development
Setup Development Environment
# Clone repository
git clone https://github.com/flyguy62n/pybastion.git
cd pybastion
# Install dependencies
uv sync --group dev
# Run tests
uv run pytest
# Run linting
uv run ruff check
uv run ruff format
Publishing to PyPI
This package is currently published as a development placeholder to reserve the name. The process:
# Build the package
uv build
# Test on TestPyPI first
uv publish --repository testpypi
# Publish to PyPI
uv publish
License
This project is licensed under the MIT License.
Contact
- Author: Randy Bartels
- Email: rjbartels@outlook.com
- Repository: https://github.com/flyguy62n/pybastion
- Issues: https://github.com/flyguy62n/pybastion/issues
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file pybastion-0.0.1.dev0.tar.gz.
File metadata
- Download URL: pybastion-0.0.1.dev0.tar.gz
- Upload date:
- Size: 20.1 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.7.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
8de43e152d98c1b6c5ce90e87113fe94ceaa4fa70e3c4b783778797b427163ec
|
|
| MD5 |
b087e27c3bc4568a9da18db8e62b4502
|
|
| BLAKE2b-256 |
17e6d89cf9544cad072c617422e3e1714bbd8a6900279d92277b632f1e6e04e6
|
File details
Details for the file pybastion-0.0.1.dev0-py3-none-any.whl.
File metadata
- Download URL: pybastion-0.0.1.dev0-py3-none-any.whl
- Upload date:
- Size: 31.9 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.7.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
852797f386412f7b62c8e1ed6e632262720fcc38212aa279e157c50518e0d68a
|
|
| MD5 |
015a6b546234636f843016342745030f
|
|
| BLAKE2b-256 |
46d2558cd200f441811d47bbcad8741f489ea8b9c6537bff3ca038ac442a05f3
|
