Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.
Project description
PyRaider
Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database. Documentation
Latest Version: 1.0.2
Note: Currently pyraider support above python3 version.
Usage
Install pyraider using pip
pip install pyraider
To check the list of options available.
pyraider -h
pyraider -v to check the version.
pyraider -v
- Now
PyRaidersupports two types of scans.- Light scan
- It is faster and it checks against only the latest CVE database vulnerabilities.
- Default it will use
Light Scan.
- Deep Scan
- This may take some time to download the first time. It will scan against all the CVE database vulnerabilities.
- If you want to use
Deep Scanneed to add-dcommand. It will automatically scans against all the CVE database vulnerabilities.
- Light scan
Scan Vulnerabilities against the dependencies
Using PyRaider you can scan the vulnerable packages.
To run basic scan you can use pyraider go command.
It will automatically detects the installed packages and scans against it and shows the report.
pyraider go
- To Run Deep Sca
pyraider go -d
Note: If you are running this command the first time. The resource database will be downloaded. It may take some time to download. This will be downloaded only once. It won't download every time.
If you want to scan you packages against requirements.txt or Pipfile.lock file.
pyraider check -f /Users/raider/project/requirements.txt
pyraider check -f /Users/raider/project/Pipfile.lock
- To Run Deep Scan
pyraider check -d -f /Users/raider/project/requirements.txt
pyraider check -d -f /Users/raider/project/Pipfile.lock
If you want to scan the packages in the same directory.
pyraider check -f .
Note: If you are running this command the first time. The resource database will be downloaded. It may take some time to download. This will be downloaded only once. It won't download every time.
Reports
PyRaider currently supports
JSON,HTMLandCSVformats.
To Export as a JSON file.
pyraider check -f /Users/raider/project/requirments.txt -e json result.json
pyraider check -f /Users/raider/project/Pipfile.lock -e json result.json
To Export as a CSV file.
pyraider check -f /Users/raider/project/requirments.txt -e csv result.csv
pyraider check -f /Users/raider/project/Pipfile.lock -e csv result.csv
To Export as a HTML file.
pyraider check -f /Users/raider/project/requirments.txt -e html result.html
pyraider check -f /Users/raider/project/Pipfile.lock -e html result.html
Out of Date Pacakges
Using PyRaider you can check the latest packages. Against installed packages.
pyraider validate -f /Users/raider/project/requirments.txt
pyraider validate -f /Users/raider/project/Pipfile.lock
- It will check out of dated packages on the actiavted virtual environment.
pyraider validate
Auto Fix
PyRaider also supports
auto fixfeature. Using this you can fix the vulnerable packages.
Note: To updating the packages might affect your application.
Fix
You can fix packages vulnerabilities individually. Once it is installed it will automatically update the
requirments.txtorPipfile.lockfile.
pyraider fix
Autofix
You can also fix packages vulnerabilities at one shot. Once it is installed it will automatically update the
requirments.txtorPipfile.lockfile.
pyraider autofix
Update latest database
Now you can update the resource database with latest updated vulnerabilities
pyraider updatedb
- To Update
Deep Scandatabase
pyraider updatedb -d
Note: It may take some time to download.
Docker container
You can also run
pyraiderhas a docker container.
Build docker container image
docker build -t pyraider .
Author
Contribute
- We welcome contributions to this project in the form of:
- Feature Requests, Suggestions
- Bugs
- Help with writing tests
- Add-on features, plugins, etc
- Documentation
Contact us:
- Email : tilaknayarmelpal@gmail.com
- Twitter : https://twitter.com/ti1akt
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file pyraider-1.0.2.tar.gz.
File metadata
- Download URL: pyraider-1.0.2.tar.gz
- Upload date:
- Size: 10.7 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.22.0 setuptools/42.0.2 requests-toolbelt/0.9.1 tqdm/4.41.0 CPython/3.7.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 843c0541d15539144a29d9bd3007c2a5cb6a9d348addcb3e34b791b67565f63a |
|
| MD5 | 8ead218198fbef79edc1a00f5ba1242f |
|
| BLAKE2b-256 | 712764aebb079d50153994bd4cfe83abbfc059fc7fe03d3667304e6ef66f8fc8 |
File details
Details for the file pyraider-1.0.2-py3-none-any.whl.
File metadata
- Download URL: pyraider-1.0.2-py3-none-any.whl
- Upload date:
- Size: 11.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/3.1.1 pkginfo/1.5.0.1 requests/2.22.0 setuptools/42.0.2 requests-toolbelt/0.9.1 tqdm/4.41.0 CPython/3.7.2
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 3b5fbc2529d4385d3e6b6d8177a205c3f44320916fbff0425be144df15a682a2 |
|
| MD5 | 15edeb30bbf63bdde98bd2f2e1a605f8 |
|
| BLAKE2b-256 | 9ea98e1de04a902080b953d8ce5e30a6de35e417b92b011399e99e91312e1a50 |
