Combine multiple popular python security tools and generate reports or output into different formats
Project description
SimpleSecurity
Combine multiple popular python security tools and generate reports or output into different formats
Plugins (these require the plugin executable in the system path. e.g. bandit requires bandit to be in the system path...)
- bandit
- safety
- dodgy
- dlint
- semgrep
Formats
- ansi (for terminal)
- json
- markdown
- csv
- sarif
Example Use
See below for the output if you run simplesecurity in this directory
Help
usage: __main__.py [-h] [--format FORMAT] [--plugin PLUGIN] [--file FILE] [--level LEVEL] [--confidence CONFIDENCE]
[--no-colour] [--high-contrast] [--fast] [--zero]
Combine multiple popular python security tools...
and generate reports or output into different formats.
optional arguments:
-h, --help show this help message and exit
--format FORMAT, -f FORMAT
Output format. One of ansi, json, markdown, csv. default=ansi
--plugin PLUGIN, -p PLUGIN
Plugin to use. One of bandit, safety, dodgy, dlint, semgrep, all, default=all
--file FILE, -o FILE Filename to write to (omit for stdout)
--level LEVEL, -l LEVEL
Minimum level/ severity to show
--confidence CONFIDENCE, -c CONFIDENCE
Minimum confidence to show
--no-colour, -z No ANSI colours
--high-contrast, -Z High contrast colours
--fast, --skip Skip long running jobs. Will omit plugins with long run time (applies to -p all only)
--zero, -0 Return non zero exit code if any security vulnerabilities are found
You can also import this into your own project and use any of the functions in the DOCS
Table of Contents
- Example Use
- Developer Notes
- Documentation
- Install With PIP
- Language information
- Install Python on Windows
- Install Python on Linux
- Install Python on MacOS
- How to run
- Building
- Testing
- Download Project
- Community Files
Developer Notes
Generate semgrep_sec.yaml
-
cd to
semgrep-rules/python -
do
cat **/security/**/*.yaml >> semgrep_sec.yaml cat **/security/*.yaml >> semgrep_sec.yaml
-
Find and replace
rules:with `` apart from the first instance -
Reformat with
ctrl+shift+i -
replace simplesecurity/semgrep_sec.yaml with the new one
Documentation
A high-level overview of how the documentation is organized organized will help you know where to look for certain things:
- The Technical Reference documents APIs and other aspects of the machinery. This documentation describes how to use the classes and functions at a lower level and assume that you have a good high-level understanding of the software.
Install With PIP
"Slim" Build: Install bandit, dlint, dodgy, poetry, and safety with pipx
pip install simplesecurity
Otherwise:
pip install simplesecurity[full]
Head to https://pypi.org/project/SimpleSecurity/ for more info
Language information
Built for
This program has been written for Python versions 3.8 - 3.11 and has been tested with both 3.8 and 3.11
Install Python on Windows
Chocolatey
choco install python
Windows - Python.org
To install Python, go to https://www.python.org/downloads/windows/ and download the latest version.
Install Python on Linux
Apt
sudo apt install python3.x
Dnf
sudo dnf install python3.x
Install Python on MacOS
Homebrew
brew install python@3.x
MacOS - Python.org
To install Python, go to https://www.python.org/downloads/macos/ and download the latest version.
How to run
Windows
-
Module
py -3.x -m [module]or[module](if module installs a script) -
File
py -3.x [file]or./[file]
Linux/ MacOS
-
Module
python3.x -m [module]or[module](if module installs a script) -
File
python3.x [file]or./[file]
Building
This project uses https://github.com/FHPythonUtils/FHMake to automate most of the building. This command generates the documentation, updates the requirements.txt and builds the library artefacts
Note the functionality provided by fhmake can be approximated by the following
handsdown --cleanup -o documentation/reference
poetry export -f requirements.txt --output requirements.txt
poetry export -f requirements.txt --with dev --output requirements_optional.txt
poetry build
fhmake audit can be run to perform additional checks
Testing
For testing with the version of python used by poetry use
poetry run pytest
Alternatively use tox to run tests over python 3.8 - 3.11
tox
Download Project
Clone
Using The Command Line
-
Press the Clone or download button in the top right
-
Copy the URL (link)
-
Open the command line and change directory to where you wish to clone to
-
Type 'git clone' followed by URL in step 2
git clone https://github.com/FHPythonUtils/SimpleSecurity
More information can be found at https://help.github.com/en/articles/cloning-a-repository
Using GitHub Desktop
- Press the Clone or download button in the top right
- Click open in desktop
- Choose the path for where you want and click Clone
More information can be found at https://help.github.com/en/desktop/contributing-to-projects/cloning-a-repository-from-github-to-github-desktop
Download Zip File
- Download this GitHub repository
- Extract the zip archive
- Copy/ move to the desired location
Community Files
Licence
MIT License Copyright (c) FredHappyface (See the LICENSE for more information.)
Changelog
See the Changelog for more information.
Code of Conduct
Online communities include people from many backgrounds. The Project contributors are committed to providing a friendly, safe and welcoming environment for all. Please see the Code of Conduct for more information.
Contributing
Contributions are welcome, please see the Contributing Guidelines for more information.
Security
Thank you for improving the security of the project, please see the Security Policy for more information.
Support
Thank you for using this project, I hope it is of use to you. Please be aware that those involved with the project often do so for fun along with other commitments (such as work, family, etc). Please see the Support Policy for more information.
Rationale
The rationale acts as a guide to various processes regarding projects such as the versioning scheme and the programming styles used. Please see the Rationale for more information.
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
File details
Details for the file simplesecurity-2023.tar.gz.
File metadata
- Download URL: simplesecurity-2023.tar.gz
- Upload date:
- Size: 38.5 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.3.1 CPython/3.10.8 Windows/10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 9ae2d79dcabe320c0a7c171334d5e47d834255a3cac00542e9a38786a56707a5 |
|
| MD5 | 845ca3633ff740c8279129be0771ea0a |
|
| BLAKE2b-256 | 1de366ebccf04ee2caa79b302e123292633bd6b35c58d89d314fd90ed6d6683d |
File details
Details for the file simplesecurity-2023-py3-none-any.whl.
File metadata
- Download URL: simplesecurity-2023-py3-none-any.whl
- Upload date:
- Size: 36.4 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: poetry/1.3.1 CPython/3.10.8 Windows/10
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 | 43aa124305d609478d63ee315ca1af3a838d62b0b1b8604826d905ad4a35e4ee |
|
| MD5 | e5098ca7a703249b0e14dfe1475a468d |
|
| BLAKE2b-256 | 1520f74d18479c50346ca8736d7166b5f02ca1cdc38d19bb1efd76e668188a2a |
