Module to manage vulnerabilities

Project description

vulnerabilities - framework to manipulate vulnerabilities

The vulnerabilities module provides functions to manipulate security reports from various tools.

Installation

The vulnerabilities module can be installed from PyPI using pip:

pip install vulnerabilities

Download

vulnerabilities is available on PyPI: https://pypi.org/project/vulnerabilities/

The documentation is hosted at: https://vulnerabilities.readthedocs.io/en/stable/

Code

The code and issue tracker are hosted on GitHub: https://github.com/damiencarol/vulnerabilities/

Features

Quick example

Here’s a snapshot to give an idea of what the package can do. For more examples, see the documentation.

Suppose you want to load findings from a Bandit report into pandas. Here is the code:

>>> from vulnerabilities.tools.bandit.parser import BanditParser
>>> findings = BanditParser().get_findings(open("tests/scans/bandit/report1.json"), None)
>>> import pandas as pd
>>> df = pd.DataFrame.from_dict(findings)
>>> df.loc[:,['title','severity','file_path','line']]
                                               title severity                  file_path  line
0  Using xml.sax to parse untrusted XML data is k...      Low  scripts/bandit/payload.py     1
1  Use of insecure MD2, MD4, MD5, or SHA1 hash fu...   Medium  scripts/bandit/payload.py     5
2  Use of insecure MD2, MD4, MD5, or SHA1 hash fu...   Medium  scripts/bandit/payload.py     9
3  Use of assert detected. The enclosed code will...      Low  scripts/bandit/payload.py    13

All parsers will produce the same data structure with the same attributes.
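
A tool-agnostic severity gate over findings in that common structure, as an added example that is not part of the vulnerabilities package. It assumes each finding is a dict with the title, severity, file_path and line keys shown in the output above; the severity scale beyond Low and Medium, the `gate` and `rank` helpers and the sample rows are constructed for illustration.

```python
from collections import Counter

# Assumed severity scale: the page output only shows "Low" and "Medium".
SEVERITY_RANK = {"Info": 0, "Low": 1, "Medium": 2, "High": 3, "Critical": 4}
UNKNOWN = len(SEVERITY_RANK)  # unknown labels sort above every known level


def rank(finding):
    return SEVERITY_RANK.get(finding.get("severity"), UNKNOWN)


def gate(findings, fail_at="Medium"):
    """Hypothetical helper: return (passed, blocking, counts).

    Findings at or above fail_at block the build. An unrecognised severity
    label also blocks, so an unexpected parser value cannot pass silently.
    """
    threshold = SEVERITY_RANK[fail_at]
    counts = Counter(f.get("severity") or "Unknown" for f in findings)
    blocking = [f for f in findings if rank(f) >= threshold]
    # Worst first, then by location, so the report is stable between runs.
    blocking.sort(key=lambda f: (-rank(f), f.get("file_path") or "", f.get("line") or 0))
    return not blocking, blocking, dict(counts)


# Constructed sample modelled on the four rows above (titles are placeholders).
SAMPLE = [
    {"title": "xml.sax on untrusted XML", "severity": "Low",
     "file_path": "scripts/bandit/payload.py", "line": 1},
    {"title": "insecure hash function", "severity": "Medium",
     "file_path": "scripts/bandit/payload.py", "line": 5},
    {"title": "insecure hash function", "severity": "Medium",
     "file_path": "scripts/bandit/payload.py", "line": 9},
    {"title": "assert used", "severity": "Low",
     "file_path": "scripts/bandit/payload.py", "line": 13},
]

if __name__ == "__main__":
    passed, blocking, counts = gate(SAMPLE)
    print("findings by severity:", counts)
    for f in blocking:
        print(f"{f['file_path']}:{f['line']} [{f['severity']}] {f['title']}")
    raise SystemExit(0 if passed else 1)
```

Because the gate reads only the shared attributes, the same function can sit behind any parser that returns this structure.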

Contributing

We welcome many types of contributions - bug reports, pull requests (code, infrastructure or documentation fixes). For more information about how to contribute to the project, see the CONTRIBUTING.md file in the repository.

Author

The vulnerabilities module was written by Damien Carol <damien.carol@gmail.com> in 2021.

It is maintained by:

License

All contributions are released under the BSD 3-Clause License.

Download files

Source Distribution

vulnerabilities-0.0.5.tar.gz (430.7 kB)

Uploaded Source

Built Distribution

vulnerabilities-0.0.5-py2.py3-none-any.whl (11.1 kB)

Uploaded Python 2, Python 3

File details

Details for the file vulnerabilities-0.0.5.tar.gz.

File metadata

  • Download URL: vulnerabilities-0.0.5.tar.gz
  • Upload date:
  • Size: 430.7 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: python-requests/2.27.1

File hashes

Hashes for vulnerabilities-0.0.5.tar.gz
Algorithm Hash digest
SHA256 d900f56517b4f4cb8d22012a95b03c864e28c6bf8d3b352846bb4eca7f22fcf5
MD5 6ed38bc9004cdaf0e2d537378bd84594
BLAKE2b-256 c240d8ac2e48bdd4b6c6173bf431d69dfd64950fde679c367dbf0835b3bc9489

File details

Details for the file vulnerabilities-0.0.5-py2.py3-none-any.whl.

File hashes

Hashes for vulnerabilities-0.0.5-py2.py3-none-any.whl
Algorithm Hash digest
SHA256 417c181d9100e050140e39db7ee376054258a1f565345385ce3891d7735cb7ce
MD5 4e33e90aada23f1f3866e53fba2bb376
BLAKE2b-256 4d84b02d9c845365bc5f21c406100d24f4a6de7f644215177bca99d01ca3336f
