
Automating Django Security Audits with SARIF Support: Meet Django-Security-Hunter
In many Django + DRF projects, the same security and configuration issues show up again and again during PR reviews. To address this, I built django-security-hunter, a lightweight CLI tool that surfaces common security risks and Django/DRF misconfigurations before code reaches production. It is designed for teams that want automated checks in local development and CI, not just during review.

Coverage (high level):
• Settings & DRF: production Django settings and REST framework defaults / API exposure hints (when you pass --settings so Django loads the project).
• Code & templates: risky patterns such as XSS-style footguns, SSRF heuristics, unsafe deserialization, secrets in logs, hardcoded secret-like names, and SQL-injection heuristics.
• Reliability / performance hints: concurrency and ORM-style patterns where the applicable rules fire.
• Optional: pip-audit, Bandit, and Semgrep when enabled in config or environment (external tools may need to be installed and on your PATH).

See docs/rules.md in the repos
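To make the "settings & DRF" check and the SARIF output concrete, here is an added, stand-alone example of the kind of check such a scanner performs. It is not django-security-hunter's code: the rule IDs, the tool name in the SARIF `driver`, and both settings dictionaries are constructed for this illustration. It flags a handful of well-known production footguns (DEBUG on, the startproject default SECRET_KEY, a wildcard in ALLOWED_HOSTS, insecure cookies, HSTS off, and DRF's default AllowAny permission) and wraps the findings in a minimal SARIF 2.1.0 log that CI systems can ingest.

```python
"""Minimal Django/DRF settings check with SARIF 2.1.0 output.

Added illustration, not django-security-hunter's implementation. The DSH-*
rule IDs, the tool name and the two settings dicts below are constructed.
"""
import json
from typing import Any

# Constructed sample: the shape of settings after Django has loaded a project's
# settings module. This one is deliberately insecure.
INSECURE_SETTINGS: dict[str, Any] = {
    "DEBUG": True,
    "SECRET_KEY": "django-insecure-change-me",   # startproject default prefix
    "ALLOWED_HOSTS": ["*"],
    "SESSION_COOKIE_SECURE": False,
    "CSRF_COOKIE_SECURE": False,
    "SECURE_HSTS_SECONDS": 0,
    "REST_FRAMEWORK": {
        "DEFAULT_PERMISSION_CLASSES": ["rest_framework.permissions.AllowAny"],
    },
}

# Constructed sample: the same settings hardened for production.
HARDENED_SETTINGS: dict[str, Any] = {
    "DEBUG": False,
    "SECRET_KEY": "k" * 50,  # stands in for a long random value from a secret store
    "ALLOWED_HOSTS": ["api.example.com"],
    "SESSION_COOKIE_SECURE": True,
    "CSRF_COOKIE_SECURE": True,
    "SECURE_HSTS_SECONDS": 31536000,
    "REST_FRAMEWORK": {
        "DEFAULT_PERMISSION_CLASSES": ["rest_framework.permissions.IsAuthenticated"],
    },
}


def check_settings(settings: dict[str, Any]) -> list[dict[str, str]]:
    """Return one finding per violated rule. Rule IDs are hypothetical."""
    findings: list[dict[str, str]] = []

    def fail(rule_id: str, level: str, msg: str) -> None:
        findings.append({"ruleId": rule_id, "level": level, "message": msg})

    if settings.get("DEBUG"):
        fail("DSH-DEBUG", "error",
             "DEBUG=True exposes stack traces and settings on error pages.")
    key = settings.get("SECRET_KEY", "")
    if len(key) < 50 or key.startswith("django-insecure-"):
        fail("DSH-SECRET-KEY", "error",
             "SECRET_KEY is short or still the startproject default.")
    if "*" in settings.get("ALLOWED_HOSTS", []):
        fail("DSH-ALLOWED-HOSTS", "warning",
             "ALLOWED_HOSTS contains '*'; Host header validation is disabled.")
    for name in ("SESSION_COOKIE_SECURE", "CSRF_COOKIE_SECURE"):
        if not settings.get(name, False):  # Django's default for both is False
            fail(f"DSH-{name}", "warning",
                 f"{name} is not True; the cookie may be sent over plaintext HTTP.")
    if settings.get("SECURE_HSTS_SECONDS", 0) <= 0:
        fail("DSH-HSTS", "note",
             "SECURE_HSTS_SECONDS is 0; no Strict-Transport-Security header is sent.")
    # DRF's own default is AllowAny, so a missing key is treated as the default.
    perms = settings.get("REST_FRAMEWORK", {}).get(
        "DEFAULT_PERMISSION_CLASSES", ["rest_framework.permissions.AllowAny"])
    if "rest_framework.permissions.AllowAny" in perms:
        fail("DSH-DRF-ALLOWANY", "error",
             "DRF default permission is AllowAny; every view is public unless "
             "it overrides permission_classes.")
    return findings


def to_sarif(findings: list[dict[str, str]], settings_path: str) -> dict[str, Any]:
    """Wrap findings in a minimal SARIF 2.1.0 log (one run, one artifact)."""
    rule_ids = sorted({f["ruleId"] for f in findings})
    return {
        "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
        "version": "2.1.0",
        "runs": [{
            "tool": {"driver": {"name": "settings-check-example",  # constructed name
                                "rules": [{"id": r} for r in rule_ids]}},
            "results": [{
                "ruleId": f["ruleId"],
                "level": f["level"],  # SARIF levels: none, note, warning, error
                "message": {"text": f["message"]},
                "locations": [{"physicalLocation": {
                    "artifactLocation": {"uri": settings_path}}}],
            } for f in findings],
        }],
    }


if __name__ == "__main__":
    print(json.dumps(to_sarif(check_settings(INSECURE_SETTINGS),
                              "config/settings.py"), indent=2))
```

To run this against a real project instead of the constructed dicts, set DJANGO_SETTINGS_MODULE, call django.setup(), and build the dict from django.conf.settings; the SARIF output can then be uploaded wherever your CI consumes SARIF.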



