• Stars
    star
    198
  • Rank 196,898 (Top 4 %)
  • Language
  • Created over 5 years ago
  • Updated about 3 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A collection of Django security-related tools and libs.

Awesome

List inspired by the awesome list thing.

Supported by: Vinta Software


Awesome Django Security

A collection of Django security-related tools and topics. If you are concerned about security and use django for productivity, this can be of help.

If you'd like to contribute to this list, simply open a PR with your additions.

Maintained by @tcostam. If you have contributions but don't have the time, give me a shout at twitter

Table of Contents

Libs

MFA

  • Django Secure Auth: Secure authentication by TOTP, SMS, Codes & Question. Login protected by IP ranges and with captcha
  • Django MFA2: A Django app that handles MFA, it supports TOTP, U2F, FIDO2 U2F (Webauthn), Email Token and Trusted Devices
  • Django Two Factor Auth: Django Two Factor Auth: Complete Two-Factor Authentication for Django providing the easiest integration into most Django projects

Session management

Permissions management

  • DjangoRestFramework Api Key: API key permissions for the Django REST Framework
  • Django Rules: flexible and scalable Django authorization backend for unified per object permission management
  • Django Rules: provides object-level permissions to Django, without requiring a database
  • Django Role Permissions: A django app for role based permissions
  • Dry Rest Permissions: Dry Rest Permissions: Rules based permissions for the Django Rest Framework
  • Django Guardian: implementation of per-object permissions on top of Django's authorization backend.
  • Django Authority: A Django app that provides generic per-object-permissions for Django's auth app and helpers to create custom permission checks
  • Django Permission: An enhanced permission system which support object permission in Django
  • Django Rulez: A lean and mean object-level rules system for the Django framework

Honeypots

  • Django Admin Honeypot: django-admin-honeypot is a fake Django admin login screen to log and notify admins of attempted unauthorized access
  • Django Honeypot: Django Honeypot: Generic honeypot utilities for use in django projects

Cryptography

Storage

Other

  • Django Security: A collection of models, views, middlewares, and forms to help secure a Django project.
  • Django Sudo: Extra security for your sensitive pages
  • Django Impersonate: Simple app to allow superusers to login as other (non-superuser) accounts via a quick user switch process
  • Wemake Django Template: Bleeding edge django template focused on code quality and security
  • Django SSLify: Force SSL on your Django site
  • Django Stronghold: Make all your Django views default login_required
  • Django Lockdown: Django Lockdown: Lock down a Django site or individual views, with configurable preview authorization
  • Impostor: Django app that enables staff to log in as other users using their own credentials
  • Django Primate: A Modular Django User
  • Django HTML Sanitizer: A set of HTML input sanitization or cleaning utilities for django models, forms and templates
  • Django Rules Light: This is a simple alternative to django-rules. The core difference is that it uses as registry that can be modified on runtime, instead of database models.
  • Django Inspectional Registration: Django registration app with Inspection before activation
  • Django Mongo Auth: Django authentication based on an extensible MongoEngine user class
  • HTML Sanitizer: Allowlist-based HTML cleaner
  • Bleach: Bleach is an allowed-list-based HTML sanitizing library that escapes or strips markup and attributes

Tools

  • Django Trawler: This app is used to send out phishing emails and collect data on which recipients acted on them
  • DJ Checkup: basic automated security checkup for Django websites
  • SSL Checker: diagnose problems with your SSL certificate installation
  • Safety: check your dependencies for known security vulnerabilities
  • Mozilla Observatory: The Mozilla Observatory is a set of tools to analyze your website and inform you if you are utilizing the many available methods to secure it.
  • Snyk: CLI and build-time tool to find & fix known vulnerabilities in open-source dependencies

Vulnerabilities

Guidelines

Documentation

Courses

Talks

Articles

More Repositories

1

django-react-boilerplate

Django 5, React, Bootstrap 5 with Python 3 and webpack project boilerplate
Python
1,918
star
2

django-templated-email

Django module to easily send templated emails using django templates, or using a transactional mail provider (mailchimp, silverpop, etc.)
Python
680
star
3

django-role-permissions

A django app for role based permissions.
Python
650
star
4

python-linters-and-code-analysis

Python Linters and Code Analysis tools curated list
505
star
5

tapioca-wrapper

Python API client generator
Python
344
star
6

python-api-checklist

Useful checklist for building good Python library APIs, based on "How to make a good library API" PyCon 2017 talk.
335
star
7

playbook

Vinta's Best Moves Compiled
219
star
8

django-ai-assistant

Integrate AI Assistants with Django to build intelligent applications
Python
196
star
9

drf-rw-serializers

Generic views, viewsets and mixins that extend the Django REST Framework ones adding separated serializers for read and write operations
Python
176
star
10

classy-django-rest-framework

Detailed descriptions, with full methods and attributes, for each of Django REST Framework's class-based views and serializers.
Python
170
star
11

django-zombodb

Easy Django integration with Elasticsearch through ZomboDB Postgres Extension
Python
149
star
12

django-virtual-models

Improve performance and maintainability with a prefetching layer in your Django project
Python
146
star
13

entity-embed

PyTorch library for transforming entities like companies, products, etc. into vectors to support scalable Record Linkage / Entity Resolution using Approximate Nearest Neighbors.
Jupyter Notebook
143
star
14

celery-tasks-checklist

Useful checklist for building great Celery tasks.
117
star
15

django-apps-checklist

Useful checklist for build great Django apps. Feel free to contribute!
104
star
16

django-celerybeat-status

A library that integrates with django admin and shows in a simple GUI when your periodic are going to run next.
Python
100
star
17

deduplication-slides

"1 + 1 = 1 or Record Deduplication with Python" Jupyter Notebook
Jupyter Notebook
83
star
18

django-knowledge-share

The engine behind Vinta's Lessons Learned page.
Python
37
star
19

django-production-launch-checklist

A checklist we use here at Vinta before launching a product we've been working on.
37
star
20

tapioca-facebook

Facebook GraphAPI wrapper using tapioca
Python
28
star
21

checklist-para-propostas-pybr

Checklist para propostas de palestras para Python Brasil
25
star
22

eslint-config-vinta

Vinta's ESLint and Prettier shareable configs.
JavaScript
23
star
23

github-metrics

Script for fetching github metrics for your project.
Python
22
star
24

devchecklists-template

The template to create your checklist on Devchecklists. https://devchecklists.com
22
star
25

hub.rocks

An online jukebox with all the songs from Deezer and YouTube. Built with Django and Angular.
Python
21
star
26

django-pg-tenants

Python
20
star
27

aurorae

🌅 🌇 A tool to generate fixed-width CNAB240 files to perform bulk payments
Python
20
star
28

cookiecutter-tapioca

A cookiecutter template for new tapioca wrappers
Python
19
star
29

GPTBundle

GPTBundle, a React application toolkit, harnesses AI to convert textual content into structured forms and delivers advanced autofill suggestions.
TypeScript
19
star
30

critical-incidents-checklist

Useful checklist for dealing with recovery crisis. Based on the talk "Saving Great Projects" 2017 Python Brasil
18
star
31

production-launch-checklist

A checklist we use here at Vinta before launching a product we've been working on.
16
star
32

tapioca-twitter

Twitter API wrapper using tapioca
Python
16
star
33

safari-samesite-cookie-issue

A Django 2.1 project to reproduce WebKit Bug 188165 and Django Ticket #30250
Python
15
star
34

pull-requests-checklist

Do's and Don'ts for Pull Requests. Improve code quality and review speed.
14
star
35

tapioca-instagram

Python
11
star
36

normalizr-redux-talk

Repository containing demo and resouces for the Normalizr Redux talk
JavaScript
8
star
37

django-psi

Easily integrate Google PageSpeed Insights to your development process - with timeline visualization
Python
8
star
38

pythonwat

Slides of Python WAT talk, see README for interactive version. Or go to http://vintasoftware.github.io/pythonwat/ for the HTML compiled one. PT-BR only for now.
Jupyter Notebook
8
star
39

vinta-design-checklists

Design checklists made by our internal team
7
star
40

high-quality-software-standards-checklists

A checklist we use here at Vinta to ensure high quality software at scale
6
star
41

devchecklists.com-content

devchecklists.com
TypeScript
6
star
42

palestra-normalizacao-django

Exemplos para a palestra "Normalize até machucar, desnormalize até funcionar em Django" da Python Nordeste 2018
Python
6
star
43

vinta-feedback-checklists

Checklists about the feedback process.
6
star
44

django-data-watcher

Python
6
star
45

django-upload-files-straight-to-s3

Example project on how to upload files from the frontend straight to S3 without sending to the server using django
Python
6
star
46

bug-card-creation-checklist

Checklist with what we believe should be written whenever a bug card is written.
5
star
47

django-bug-finder

Python
5
star
48

pr-reviewer-checklist

Set of guidelines for anyone reviewing a PR to make sure it's more civilized and avoid creating a toxic feedback culture
5
star
49

ab-testing-checklist

A checklist we use when creating A/B tests on our projects
5
star
50

tapioca-youtube

Youtube API Wrapper using Tapioca
Python
4
star
51

feature-card-creation-checklist

Checklist on how to best describe on a Trello card what needs to be done in a feature
4
star
52

weekly-meeting-checklist

Checklist to avoid wasting time in meetings, focusing them on sharing knowledge, instead of updates.
4
star
53

trigger.io-tcp

trigger.io module for TCP sockets
Java
4
star
54

dojo

Python
4
star
55

sprint-meeting-checklist

Checklist with preparations we at Vinta do for every sprint meeting we
4
star
56

landing-page-creation-checklist

Checklist of concerns one must have whenever creating a landing page completely dissociated from your original homepage
4
star
57

dedupe-clustering-experiments

Experimenting new types of clustering algorithms for Dedupe library
Jupyter Notebook
4
star
58

tapioca-mailgun

Mailgun API wrapper using tapioca
Python
4
star
59

tapioca-bitbucket

Bitbucket API wrapper using tapioca
Python
3
star
60

django-sass-bower-compressor-example

Python
3
star
61

cordova-toast-plugin

Cordova toast message plugin
Java
3
star
62

celery-persistent-revokes

Celery task revokes are stored on memory or on file. This packages makes possible to easely customize how your revokes are stored (Ex.: Database).
Python
3
star
63

django-stack

Python
2
star
64

feature-development-workflow

Developing a feature is much more than just coding it what was specified. This checklist covers other points that are important for code quality and a smoother hand-off.
2
star
65

tapioca-parse

Parse REST API wrapper using tapioca
Python
2
star
66

github-monitor

Python
2
star
67

react-jest-blog-post

JavaScript
2
star
68

django-linters-talk-demo

Demos for DjangoCon 2017 talk: Preventing headaches with linters and automated checks
Python
2
star
69

user-documentation-checklists

General guidelines on how to build awesome SaaS user documentation!
2
star
70

tapioca-mandrill

Mandrill API wrapper using tapioca
Python
2
star
71

medplum-snippet-catalog

A collection of reusable code snippets and components for Medplum projects.
TypeScript
2
star
72

identity-validation

Project to validate we're actually members of Vinta Software
1
star
73

tapioca-harvest

Harvest wrapper using tapioca
Python
1
star
74

react-flux-example

JavaScript
1
star
75

rise-jupyter-talk

Slides da talk "Fazendo apresentações real-time com Jupyter" da Python Sudeste 2016
OpenEdge ABL
1
star