Skip to main content

Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.

Project description

PyRaider

Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database. Documentation

version python version license Downloads Discord Twitter

pyraider

Usage

Table of Contents

  1. Installation
  2. Usage
  3. Scan Dependencies
  4. Scan Dependencies by Severity
  5. Report
  6. Outdated package check
  7. CI/CD
  8. Fix
  9. Autofix
  10. Release Note
  11. Help

Documentation

Install pyraider using pip or pyenv

pip install pyraider
pyenv install pyraider

To check the list of options available.

pyraider -h

Scan Vulnerabilities against the dependencies

Using PyRaider you can scan the vulnerable packages.

To run basic scan you can use pyraider go command.

It will automatically detects the installed packages and scans against it and shows the report.

pyraider go

If you want to scan you packages against requirements.txt or Pipfile.lock file.

pyraider check -f /Users/raider/project/requirements.txt
pyraider check -f /Users/raider/project/Pipfile.lock

Reports

PyRaider currently supports JSON, HTML and CSV formats.

To Export as a JSON file.

pyraider go -e json result.json
pyraider check -f /Users/raider/project/requirements.txt -e json result.json

To Export as a CSV file.

pyraider go -e csv result.csv
pyraider check -f /Users/raider/project/requirements.txt -e csv result.csv

To Export as a HTML file.

pyraider check -f go -e html result.html
pyraider check -f /Users/raider/project/requirements.txt -e html result.html

Out of Date Pacakges

Using PyRaider you can check the latest packages. Against installed packages.

pyraider validate -p django==1.11.13
pyraider validate -f /Users/raider/project/requirements.txt
pyraider validate -f /Users/raider/project/Pipfile.lock

Auto Fix

PyRaider also supports fix feature. Using this you can fix the vulnerable packages.

Note: To updating the packages might affect your application.

Fix

You can fix vulnerable package.

pyraider fix

Fix by Severity

pyraider fix -s high

Autofix

You can also autofix vulnerable packages.

pyraider autofix

Autofix by severity

pyraider autofix -s high

Update latest database

Now you can update the resource database with latest updated vulnerabilities

pyraider updatedb

Docker container

You can also run pyraider has a docker container.

Build docker container image

docker build -t pyraider .

Contact us:

Contribute

  • We welcome contributions to this project in the form of:
    • Feature Requests, Suggestions
    • Bugs
    • Help with writing tests
    • Add-on features, plugins, etc
    • Documentation

Author

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

pyraider-1.0.20.tar.gz (12.2 kB view hashes)

Uploaded source

Built Distribution

pyraider-1.0.20-py3-none-any.whl (12.0 kB view hashes)

Uploaded py3

Supported by

AWS AWS Cloud computing Datadog Datadog Monitoring Facebook / Instagram Facebook / Instagram PSF Sponsor Fastly Fastly CDN Google Google Object Storage and Download Analytics Huawei Huawei PSF Sponsor Microsoft Microsoft PSF Sponsor NVIDIA NVIDIA PSF Sponsor Pingdom Pingdom Monitoring Salesforce Salesforce PSF Sponsor Sentry Sentry Error logging StatusPage StatusPage Status page