Tag: python
All the articles with the tag "python".
Dangerous Python Functions, Part 3
Published: at 01:33 PM
In the final part of my dangerous Python functions series, I cover more security risks including assert statements, XML parsing vulnerabilities, and unsafe input handling. Plus, I've turned the whole series into a deck of cards!
DevOps from Scratch, Part 1: Vagrant & Ansible
Published: at 12:32 PM
Ever wondered how to build and deploy a web app from scratch? This is the first part of my 'DevOps from Scratch' series, where we'll get hands-on with Vagrant and Ansible to automate our local development setup for a Python web application.
Answers to Django Security Questions
Published: at 06:56 AM
I found a list of Django security questions but couldn't find clear answers anywhere. So I dug in and wrote them myself, covering everything from CSRF and SQL injection to password hashing and mass assignment.
Using Bandit in the Field
Published: at 03:17 PM
After talking about Bandit, I wanted to see how it actually performed in the real world. This post shares my experience using Bandit to find vulnerabilities in Python projects and practical tips for integrating it into your workflow.
Finding Vulnerabilities with Bandit
Published: at 03:37 PM
Python's dynamic nature makes it hard to catch security vulnerabilities statically. Bandit scans your Python code for common security issues. Learn how to use it to find problems before they reach production.
Dangerous Python Functions, Part 2
Published: at 02:33 PM
In part 2 of my dangerous Python functions series, I cover more risky functions like pickle.loads(), yaml.load(), and tempfile.mktemp(). These can lead to code execution, deserialization attacks, and race conditions.
Dangerous Python Functions
Published: at 02:33 PM
Python's dynamic nature can lead to subtle bugs that are hard to catch. I've created a deck of cards highlighting dangerous Python functions like eval(), exec(), and input() that can cause security vulnerabilities or unexpected behavior.
Python / Django Talks
Published: at 07:51 PM
I started listening to Python and Django conference talks on my commute instead of music, and it's been amazing. Here are my notes and takeaways from some of the most influential talks I've heard.
Submitting a Patch to CPython
Published: at 12:32 PM
I submitted my first patch to CPython, Python's main implementation. The story of how I found a bug, worked with the core developers, and got my contribution accepted into the language.
7 Lessons Learned from Teaching My Brother to Program
Published: at 12:32 PM
I spent a year teaching my 18-year-old brother to program over weekend Skype calls. Here are the seven key lessons I learned about teaching programming to beginners, from choosing the right language to keeping motivation high.