Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
awesome-python-security
Awesome Python Security resources πΆππ
https://github.com/guardrailsio/awesome-python-security
Last synced: 1 day ago
JSON representation
-
Web Framework Hardening
- Django deployment checklist - Web framework Django has built-in feature to check for security configurations: run this command `manage.py check --deploy`. It's really helpful as it already included in the framework.
- Flask-HTTPAuth - Simple extension that provides Basic, Digest and Token HTTP authentication for Flask routes.
- Flask Talisman - Talisman is a small Flask extension that handles setting HTTP headers that can help protect against a few common web application security issues.
- Django Session CSRF - CSRF protection for Django without cookies.
-
Multi tools
- GuardRails - A GitHub App that gives you instant security feedback in your Pull Requests.
- hawkeye - Multi purpose security/vulnerability/risk scanning tool supporting Ruby, Node.js, Python, PHP and Java.
- Hubble - Hubble is a modular, open-source security compliance framework.
- Salus - Multi purpose security scanning tool supporting Ruby, Node, Python and Go.
-
Static Code Analysis
- Detect Secrets - An enterprise friendly way of detecting and preventing secrets in code.
- Bandit - Bandit is a tool designed to find common security issues in Python code.
- Pyt - A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web Applications.
-
Vulnerabilities and Security Advisories
- National Vulnerability Database - Python known vulnerabilities in the National Vulnerability Database.
- snyk Vulnerability DB - Commercial but free listing of known vulnerabilities in libraries.
- Common Vulnerabilities and Exposures - Vulnerabilities that were assigned a CVE. Covers the language and packages.
- Safety - Safety checks your installed dependencies for known security vulnerabilities.
-
Cryptography
-
Books
- Full Stack Python Security - A comprehensive look at cybersecurity for Python developers
-
Articles, Guides & Talks
- cryptography - A package designed to expose cryptographic primitives and recipes to Python developers.
- 10 Common Security Gotchas in Python - 10 common security gotchas in Python and how to avoid them.
- OWASP Python Security - Aims at creating a hardened version of python that makes it easier for developers to write applications more resilient to attacks and manipulations.
- GuardRails - A GitHub App that gives you instant security feedback in your Pull Requests.
- Snyk - A developer-first solution that automates finding & fixing known vulnerabilities in your dependencies.
- Django Security - Overview of Djangoβs security features includes advice on securing a Django-powered site.
-
Reporting Bugs
-
Penetration Testing
- sqlmap - Automatic SQL injection and database takeover tool
-
Application Templates
- wemake-django-template - Bleeding edge `django` template focused on code quality and security.
-
Hacking Playground
- Let's be bad Guys - Shiny, Let's Be Bad Guys: Exploiting and Mitigating the Top 10 Web App Vulnerabilities.
- django.nV - django.nV is a purposefully vulnerable Django application provided by nVisium.
- DSVW - Damn Small Vulnerable Web (DSVW) is a deliberately vulnerable web application written in under 100 lines of code, created for educational purposes.
- DVPWA - Damn Vulnerable Python Web Application was inspired by famous dvwa project and bobby-tables xkcd comics.
Programming Languages
Categories
Sub Categories
Keywords
python
7
security
6
flask
2
static-code-analysis
2
security-scanner
2
python3
2
docker
2
npm
2
static-analysis
2
audit
2
security-tools
2
salus
1
ruby-on-rails
1
js
1
gosec
1
golang
1
cves
1
security-scanners
1
yarn
1
bandit
1
linter
1
abstract-syntax
1
coinbase
1
circleci
1
brakeman
1
saltstack
1
quasar
1
pulsar
1
osquery
1
nova
1
nebula
1
hubble
1
ruby
1
nodejs
1
ci
1
tokens
1
flask-httpauth
1
authentication
1
vulnerability-scanners
1
database
1
detection
1
exploitation
1
pentesting
1
sql-injection
1
sqlmap
1
takeover
1
vulnerability-scanner
1
cryptography
1
libsodium
1
nacl
1