django-defender alternatives

Looking for an alternative tool to replace django-defender? During the review of django-defender we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. django-axes (track failed login attempts for Django)
  2. ArpON (MitM defense tool)
  3. DBShield (database security shield)

These tools are ranked as the best alternatives to django-defender.

Alternatives (by score)

85

django-axes

Introduction

This tool may be used by developers that work with the Django framework. It adds a security layer on top of the application by looking at login attempts and track them.

Project details

django-axes is written in Python.

Strengths and weaknesses

  • + More than 50 contributors
  • + The source code of this software is available

    Typical usage

    • Application security

    django-axes review

    63

    ArpON

    Introduction

    ArpOn protects a system by running as a daemon and guard against a Man in the Middle (MitM) attack due to ARP spoofing, cache poisoning, or an ARP poison routing attack.

    The tool works by using three types of inspection to detect a related attack.

    • SARPI (Static ARP Inspection), statically configured networks (without DHCP)
    • DARPI (Dynamic ARP Inspection), dynamically configured networks (with DHCP)
    • HARPI (Hybrid ARP Inspection), statically and dynamically configured networks (with DHCP)

    Project details

    ArpON is written in C.

    Strengths and weaknesses

    • + The source code of this software is available

      ArpON review

      74

      DBShield

      Introduction

      This tool is typically used by developers and system administrators to protect their database against common database attacks. One of them is the SQL injection attack, that tries to bypass checks, resulting in data leakage. By using this tool, another level of security defense is implemented.

      Project details

      DBShield is written in Golang.

      Strengths and weaknesses

      • + The source code of this software is available

        Typical usage

        • Database security

        DBShield review

        60

        MongoSanitizer (python-mongo-sanitizer)

        Introduction

        Typically this type of tool would be used as an additional defense layer to prevent injection attacks from reaching the database.

        Project details

        MongoSanitizer is written in Python.

        Strengths and weaknesses

        • + The source code of this software is available

          Typical usage

          • Application security
          • Database security

          MongoSanitizer review

          78

          OpenSnitch

          Introduction

          OpenSnitch is a tool based on Little Snitch, a macOS application level firewall. All outgoing connections are monitored and the user is alerted when a new outgoing connection occurs. This allows the user to detect and block any unwanted connections.

          Project details

          OpenSnitch is written in Golang.

          Strengths and weaknesses

          • + More than 3000 GitHub stars
          • + The source code of this software is available
          • - No releases on GitHub available

          Typical usage

          • Network traffic filtering

          OpenSnitch review

          63

          Portspoof

          Introduction

          Portspoof is a small utility with the goal to make port scanning by other much harder. It achieves this by showing all configured TCP ports to be in the 'open' state instead of closed or filter. The related ports are also emulating valid services. This way a port scan on the system will reveal many open ports and look to have legitimate services running.

          Project details

          85

          Bleach

          Introduction

          Bleach is a library for Django that can sanitize HTML by escaping and stripping harmful content. It provides a filter for untrusted content and disarms potential unwanted scripts from the input. This may be useful to apply to data that is transmitted via HTML forms or otherwise.

          Project details

          Bleach is written in Python.

          Strengths and weaknesses

          • + More than 25 contributors
          • + More than 1000 GitHub stars
          • + The source code of this software is available

            Typical usage

            • Data sanitizing

            Bleach review

            97

            django-guardian

            Introduction

            The django-guardian project is typically used in environments and projects where the default Django permissions are not enough. For example, an application with multiple users and many objects may require detailed permissions on who can see a particular record. This could go as far as giving only the creator of a record (=object) access plus the people with a particular access level.

            Project details

            django-guardian is written in Python.

            Strengths and weaknesses

            • + More than 1000 GitHub stars
            • + The source code of this software is available
            • + Well-known tool

              Typical usage

              • Application security

              django-guardian review

              74

              django-security

              Introduction

              Django-security is an extension for developers seeking more security measures in their Django project. The toolkit can set or activate particular settings improving security. Examples of these settings include the use of particular HTTP headers that increase the security defenses of the web application.

              Part of the toolkit is middleware to enforce password strength, set the do-not-track header, enable content security policy (CSP), enable privacy policy (P3P), limit session length, use HTTPS (HSTS), XSS protection, and more.

              Project details

              django-security is written in Python.

              Strengths and weaknesses

              • + More than 10 contributors
              • + The source code of this software is available

                Typical usage

                • Application security

                django-security review

                74

                django-sudo

                Introduction

                For some destructive events like removing an account, you may want to revalidate if the user really wants to continue. To ensure it is the actual owner of the account, django-sudo requests authentication again within the web application. GitHub uses this as well for some events like ownership changes and deletions.

                Project details

                django-sudo is written in Python.

                Strengths and weaknesses

                • + More than 10 contributors
                • + The source code of this software is available

                  Typical usage

                  • Application security

                  django-sudo review

                  Some relevant tool missing as an alternative to django-defender? Please contact us with your suggestion.