Use Assess CLI with Python agents
Use this procedure if you are using Contrast Python agents and want tto find vulnerabilities while running API or end-to-end testing..
Before you begin
Verify your application can use the Assess CLI by checking the Python supported technologies.
Steps
Install the agent using
pip:pip install contrast-agent
Tip
If you have a
requirements.txtfile, you can addcontrast-agentto that file, and install withpip install -r requirements.txt.Important
Do not create a configuration (YAML) file for the agent. The Assess CLI creates this file automatically.
Verify that
autoconfis installed on the system where you will run the agent.Open a terminal window and enter the Assess CLI command:
contrast assess
This command generates the agent configuration file that the Contrast CLI and the agent share. CLI commands describes the options for this command, including the path for the configuration file.
You see output similar to this:
✔Configuration file found at "user_path"⠼ Waiting for the session to be created.Run your application using your IDE or a second terminal window.
Exercise your application, either interactively or using automated API or end-to-end tests.
In the terminal window where you entered the Assess CLI command, view the results.