Skip to main content

Built-in security scanner for Java, PHP, Flutter, Terraform, Ansible, Python, Go, and 20+ languages. No external tools. pip install && argus-languages scan .

Project description

argus-languages

Built-in security scanner for 20+ languages and IaC formats — pure Python, no Semgrep, no Checkov, no extra installs.

pip install argus-languages
argus-languages scan /path/to/your/project

Requires Python 3.10+.


Quick start

pip install argus-languages

# Scan any supported project (auto-detects languages)
argus-languages scan /path/to/project

# JSON output
argus-languages scan /path/to/project --format json

# Scan a single file
argus-languages scan ./src/main.java

Python API

from argus_languages import scan_directory

result = scan_directory("/path/to/repo")
print(f"Findings: {len(result.findings)}")
for f in result.findings:
    print(f"[{f.severity}] {f.file}:{f.line}{f.title}")

Usage by language

Same command for every language — point at your project root or a specific file.

JavaScript / TypeScript / Vue

argus-languages scan ./my-node-app
argus-languages scan ./src/components/Button.tsx

| Scans | .js .jsx .ts .tsx .mjs .vue | | Checks | XSS, SQL injection patterns, eval/exec, weak crypto, hardcoded secrets, CORS wildcard, NoSQL injection |

React / Next.js projects: use argus-codescan on npm instead — no Python needed.


Python

argus-languages scan ./django-app
argus-languages scan ./api/main.py

| Scans | .py .pyw | | Checks | Debug mode, hardcoded Flask secret, Django ALLOWED_HOSTS = *, SQL injection, pickle/yaml deserialization, command injection |


Java / Kotlin / Scala

argus-languages scan ./spring-boot-app
argus-languages scan ./android-app/src/main/java

| Scans | .java .jsp .kt .kts .scala | | Checks | SQL concatenation, XXE parsers, LDAP injection, path traversal, Spring CSRF disabled, log injection |


PHP

argus-languages scan ./laravel-app
argus-languages scan ./public/index.php

| Scans | .php .phtml | | Checks | XSS via echo $_…, LFI via include($…), SQL injection, unsafe unserialize(), open redirects |


Go

argus-languages scan ./cmd/api
argus-languages scan ./main.go

| Scans | .go | | Checks | SQL via fmt.Sprintf, TLS InsecureSkipVerify, command injection |


Ruby

argus-languages scan ./rails-app

| Scans | .rb .erb | | Checks | Shell injection, mass assignment, command injection |


C# / Rust / Swift / Scala / Perl / Lua / Elixir

argus-languages scan ./dotnet-api      # .cs
argus-languages scan ./rust-service    # .rs
argus-languages scan ./ios-app         # .swift
argus-languages scan ./elixir-app      # .ex .exs
Language Extensions Example checks
C# .cs SQL concat, BinaryFormatter deserialization
Rust .rs unsafe blocks, shell via Command
Swift .swift Insecure credential storage
Perl .pl .pm Open with user input
Lua .lua loadstring / dynamic eval
Elixir .ex .exs Code.eval_string

Dart / Flutter (mobile)

argus-languages scan ./my-flutter-app

| Scans | .dart files, pubspec.yaml, AndroidManifest.xml, Info.plist | | Checks | |

Dart source (.dart):

  • Cleartext http:// URLs
  • Hardcoded API keys / tokens
  • Weak MD5/SHA-1 hashing
  • TLS validation disabled (badCertificateCallback)
  • Sensitive data in SharedPreferences
  • Unrestricted WebView JavaScript
  • SQL concatenation in rawQuery

Flutter config:

  • android:debuggable="true" in AndroidManifest
  • Cleartext traffic / allowBackup / exported components
  • iOS ATS disabled (NSAllowsArbitraryLoads)
  • Hardcoded secrets in pubspec.yaml

Skips generated files: *.g.dart, *.freezed.dart.


Terraform

argus-languages scan ./infra
argus-languages scan ./modules/vpc/main.tf

| Scans | .tf .tfvars .hcl | | Checks | Public S3 ACLs, 0.0.0.0/0 security groups, unencrypted EBS, public RDS, hardcoded secrets, IAM wildcards, GCP/Azure public access |


Ansible

argus-languages scan ./ansible
argus-languages scan ./playbooks/site.yml

| Scans | .yml / .yaml in roles/, playbooks/, tasks/, handlers/, etc. | | Checks | Hardcoded passwords, SSL verify disabled, open file permissions (777), shell module usage, hardcoded tokens |


Docker

argus-languages scan ./Dockerfile
argus-languages scan ./docker-compose.yml

| Scans | Dockerfile, docker-compose.yml / .yaml | | Checks | Secrets in ENV, privileged mode, host network, docker socket mount, :latest tags |


Kubernetes

argus-languages scan ./k8s
argus-languages scan ./manifests/deployment.yaml

| Scans | .yaml / .yml / .json with apiVersion + kind | | Checks | Privileged containers, runAsUser 0, hostNetwork/hostPID, plaintext secrets, wildcard RBAC |


Shell / SQL

argus-languages scan ./scripts/deploy.sh
argus-languages scan ./migrations/001_users.sql

| Scans | .sh .bash .zsh / .sql | | Checks | curl piped to bash, unquoted variables / GRANT ALL / dynamic SQL exec |


Monorepo / multi-language project

Scan the whole repo — all languages are detected automatically:

argus-languages scan .

Example: a repo with frontend/ (JS), backend/ (Java), and infra/ (Terraform) is scanned in one command.


Full Argus CLI (optional)

For CSV export, MCP, DAST, and external tools (Checkov, tfsec, ansible-lint):

pip install argus-scan
argus scan code /path/to/project --output ./report.csv
argus scan terraform /path/to/infra
argus scan all /path/to/project

All supported languages

Category Languages / formats
Web & app JavaScript, TypeScript, Python, Java, Kotlin, PHP, Go, Ruby, C#, Rust, Swift, Scala, Perl, Lua, Elixir, Vue, Dart
Mobile Flutter (Dart + AndroidManifest + Info.plist + pubspec.yaml)
Infrastructure Terraform, Ansible, Docker, Kubernetes
Other Shell, SQL

Related packages

Package Install Use case
argus-languages pip install argus-languages This package — lightweight, all languages above
argus-scan pip install argus-scan Full CLI + MCP + DAST + Checkov/tfsec
argus-codescan npm install argus-codescan React / Next.js / Node only

License

MIT — see GitHub.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

argus_languages-0.1.2.tar.gz (13.3 kB view details)

Uploaded Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

argus_languages-0.1.2-py3-none-any.whl (18.7 kB view details)

Uploaded Python 3

File details

Details for the file argus_languages-0.1.2.tar.gz.

File metadata

  • Download URL: argus_languages-0.1.2.tar.gz
  • Upload date:
  • Size: 13.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/6.2.0 CPython/3.11.13

File hashes

Hashes for argus_languages-0.1.2.tar.gz
Algorithm Hash digest
SHA256 46e7f3f7a2ba4b011c045ed7c71f4fb321f831fac7f31de0928506595fbab748
MD5 519b427c7b6776c44966b1c9bd30a339
BLAKE2b-256 a4ba04cca24479bd497e69f735616d293682ed2d15810c5fba53a78d4d8fee4a

See more details on using hashes here.

File details

Details for the file argus_languages-0.1.2-py3-none-any.whl.

File metadata

File hashes

Hashes for argus_languages-0.1.2-py3-none-any.whl
Algorithm Hash digest
SHA256 c2fcca21d91bc06241240b7dd2d0cc7bb52ec502ca4e1b639518407cafdda7dc
MD5 f7e9ff65427d68b2d06cd06bef3f6603
BLAKE2b-256 2890478c1e3ce42fbde027e0e95d22d1468f2dccd13519c9ba5cd6c2fe2f3dc7

See more details on using hashes here.

Supported by

AWS Cloud computing and Security Sponsor Datadog Monitoring Depot Continuous Integration Fastly CDN Google Download Analytics Pingdom Monitoring Sentry Error logging StatusPage Status page