Bandit
Bandit is an open-source static application security testing (SAST) tool for Python. It parses source files into Abstract Syntax Trees (AST) and runs a set of checks over them to detect issues such as hardcoded passwords, SQL injection, use of weak cryptographic algorithms, and insecure library usage. The checks are implemented as configurable plugins, and each finding is reported with a severity rating and a confidence rating, so developers can triage and fix security flaws early in the development lifecycle, before code reaches production.