I have been working on Django and Django REST Framework projects, and I often notice recurring issues during development and code reviews.
Some common problems include:
unsafe production settings
exposed or misconfigured APIs
missing security-related configurations
potential N+1 query issues
risks like XSS and SQL injection vulnerabilities
These issues are usually detected very late, often during review or after deployment.
To address this, I explored a lightweight approach using a CLI-based security checker for Django projects.
One tool that can help in this area is django-security-hunter, which scans Django projects and highlights common security misconfigurations and performance issues early in the development process.
It can be useful for developers who want to improve security awareness during development or CI pipelines.
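To make the idea of a lightweight scanner concrete, here is an added example (not code from django-security-hunter or from the post's author) of the kind of check such a tool can run in CI: it parses a settings module and a view with the standard library `ast` module, without importing Django, and flags the unsafe production settings and the string-formatted raw SQL the post lists. The two settings snippets and the view are constructed sample inputs, and the rule identifiers are names chosen for this example.

```python
"""Added example: a minimal AST-based checker for Django settings and raw SQL.
Not django-security-hunter's code. Standard library only, so it runs without
Django installed; the sample inputs at the bottom are constructed."""
import ast
from typing import Dict, List, Tuple

Finding = Tuple[str, int, str]  # (rule id, line number, message); rule ids are names assumed here

COMPUTED = object()  # sentinel: value comes from code (e.g. os.environ[...]), not a literal

# Flags that must be True in production; a missing flag counts as False.
REQUIRED_TRUE = {
    "SESSION_COOKIE_SECURE": "session cookie may be sent over plain HTTP",
    "CSRF_COOKIE_SECURE": "CSRF cookie may be sent over plain HTTP",
    "SECURE_SSL_REDIRECT": "HTTP requests are not redirected to HTTPS",
}


def _literal(node: ast.AST):
    """Python value of a literal node, or COMPUTED if it is not a plain literal."""
    try:
        return ast.literal_eval(node)
    except (ValueError, TypeError, SyntaxError):
        return COMPUTED


def _module_assignments(source: str) -> Dict[str, ast.Assign]:
    """Map NAME -> Assign node for `NAME = value` statements at module scope."""
    found: Dict[str, ast.Assign] = {}
    for stmt in ast.parse(source).body:
        if isinstance(stmt, ast.Assign) and len(stmt.targets) == 1 and isinstance(stmt.targets[0], ast.Name):
            found[stmt.targets[0].id] = stmt
    return found


def check_settings(source: str) -> List[Finding]:
    """Scan the text of a settings module for unsafe production values.
    Values computed at runtime (env lookups, helper calls) are deliberately not judged,
    which keeps the checker free of false positives on env-driven settings."""
    assigns = _module_assignments(source)

    def value(name: str):
        return _literal(assigns[name].value) if name in assigns else None

    def line(name: str) -> int:
        return assigns[name].lineno if name in assigns else 0

    findings: List[Finding] = []
    if value("DEBUG") is True:
        findings.append(("DEBUG_ON", line("DEBUG"), "DEBUG=True exposes tracebacks and settings to users"))
    key = value("SECRET_KEY")
    if isinstance(key, str):
        msg = "SECRET_KEY is hard-coded in source; load it from the environment"
        if key.startswith("django-insecure-"):
            msg += " (startproject placeholder still in use)"
        findings.append(("SECRET_KEY_LITERAL", line("SECRET_KEY"), msg))
    hosts = value("ALLOWED_HOSTS")
    if isinstance(hosts, list) and "*" in hosts:
        findings.append(("ALLOWED_HOSTS_WILDCARD", line("ALLOWED_HOSTS"), "ALLOWED_HOSTS=['*'] disables Host header validation"))
    hsts = value("SECURE_HSTS_SECONDS")
    if hsts is None or hsts == 0:
        findings.append(("HSTS_DISABLED", line("SECURE_HSTS_SECONDS"), "SECURE_HSTS_SECONDS is 0 or unset; no HSTS header is sent"))
    for name, why in REQUIRED_TRUE.items():
        flag = value(name)
        if flag is None or flag is False:
            findings.append((name + "_OFF", line(name), name + " is not True: " + why))
    return findings


def check_raw_sql(source: str) -> List[Finding]:
    """Flag .execute()/.raw() calls whose SQL is assembled by string formatting
    (f-string, %, +, .format) instead of a template plus a parameter list."""
    findings: List[Finding] = []
    for node in ast.walk(ast.parse(source)):
        if not (isinstance(node, ast.Call) and isinstance(node.func, ast.Attribute)
                and node.func.attr in ("execute", "raw") and node.args):
            continue
        sql = node.args[0]
        formatted = (
            isinstance(sql, ast.JoinedStr)
            or (isinstance(sql, ast.BinOp) and isinstance(sql.op, (ast.Add, ast.Mod)))
            or (isinstance(sql, ast.Call) and isinstance(sql.func, ast.Attribute) and sql.func.attr == "format")
        )
        if formatted:
            findings.append(("RAW_SQL_FORMATTED", node.lineno,
                             "SQL built by string formatting; pass values as the params argument"))
    return findings


# Constructed sample inputs: a typical dev settings file left in place for production,
# a hardened counterpart, and a view with one injectable and one parameterised query.
INSECURE_SETTINGS = """
DEBUG = True
SECRET_KEY = "django-insecure-change-me"
ALLOWED_HOSTS = ["*"]
SESSION_COOKIE_SECURE = False
"""

HARDENED_SETTINGS = """
import os
DEBUG = False
SECRET_KEY = os.environ["DJANGO_SECRET_KEY"]
ALLOWED_HOSTS = ["example.com"]
SECURE_SSL_REDIRECT = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_HSTS_SECONDS = 31536000
"""

VIEW_SOURCE = """
from django.db import connection

def lookup(request):
    name = request.GET["name"]
    with connection.cursor() as cur:
        cur.execute("SELECT id FROM app_user WHERE name = '%s'" % name)  # injectable
        cur.execute("SELECT id FROM app_user WHERE name = %s", [name])   # parameterised
"""

if __name__ == "__main__":
    for label, src, check in (("insecure settings", INSECURE_SETTINGS, check_settings),
                              ("hardened settings", HARDENED_SETTINGS, check_settings),
                              ("view", VIEW_SOURCE, check_raw_sql)):
        for rule, lineno, message in check(src):
            print(f"{label}:{lineno}: {rule}: {message}")
```

Running it reports seven findings for the insecure settings, none for the hardened ones, and only the `%`-formatted `execute()` call in the view. In a real pipeline the same functions would be fed the contents of `settings/production.py` and each app's source files, with a non-zero exit code when any finding is present; values pulled from the environment are skipped on purpose, so a review still has to confirm what the deployment actually injects.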
If anyone wants to explore it:
GitHub: https://github.com/abu-rayhan-alif/djangoSecurityHunter
PyPI: https://pypi.org/project/django-security-hunter/