@varbear shared a link, 6 days, 11 hours ago
FAUN.dev()

Why are top university websites serving p0rn? It comes down to shoddy housekeeping.

Researcher Alex Shakhov found scammers commandeering stale CNAME records. They hijack university subdomains (e.g. berkeley.edu, columbia.edu, washu.edu) and serve p0rn and scam pages. Shakhov found hundreds of abused subdomains across at least 34 universities. He counted thousands of hijacked pages indexed ...

@varbear shared a link, 6 days, 11 hours ago
FAUN.dev()

I Decompiled the White House's New App

A React Native app built with Expo SDK 54 runs Hermes. It talks to a WordPress REST backend and bundles a 5.5MB Hermes bytecode. Its WebView injects JavaScript to strip cookies, GDPR prompts, and paywall dialogs. The build includes OneSignal's fused-location pipeline, polling at 4.5 and 9.5 minutes and ...
Bandit is an open source static analysis tool from the PyCQA that scans Python code for security vulnerabilities. It parses each file, builds an abstract syntax tree, and applies a series of plugins that detect risky patterns such as unsafe function calls, weak cryptography, shell injections, and insecure configuration. Bandit integrates with CI pipelines, pre-commit hooks, and development workflows, making it easy for teams to enforce secure coding standards. Its plugin-driven architecture and straightforward reporting make it a widely adopted tool in Python security and DevSecOps practices.
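The scan model described above (parse the file, build an AST, run plugin-style checks over the nodes) in a small standard-library script. This is an added example, not Bandit's own code or its plugin API; the three check functions, the severity labels and the sample source file are constructed for illustration.

```python
# Added illustration of the scan model Bandit uses: parse the file into an AST,
# then run plugin-style checks over each node. Not Bandit's own code or plugin API.
import ast

def _call_name(node):
    """Dotted name of the callee, e.g. 'subprocess.run' or 'eval'."""
    func, parts = node.func, []
    while isinstance(func, ast.Attribute):
        parts.append(func.attr)
        func = func.value
    if isinstance(func, ast.Name):
        parts.append(func.id)
    return ".".join(reversed(parts))

# Each "plugin" inspects one ast.Call and returns (line, severity, message) or None.
def check_eval(node, name):
    if name in ("eval", "exec"):
        return (node.lineno, "MEDIUM", f"{name}() on possibly untrusted input")

def check_shell_true(node, name):
    if name.startswith("subprocess."):
        for kw in node.keywords:
            if kw.arg == "shell" and isinstance(kw.value, ast.Constant) and kw.value.value is True:
                return (node.lineno, "HIGH", f"{name} called with shell=True")

def check_weak_hash(node, name):
    if name in ("hashlib.md5", "hashlib.sha1"):
        return (node.lineno, "MEDIUM", f"weak hash function {name}")

PLUGINS = [check_eval, check_shell_true, check_weak_hash]

def scan_source(source):
    """Parse source and return every plugin hit, sorted by line number."""
    findings = []
    for node in ast.walk(ast.parse(source)):
        if isinstance(node, ast.Call):
            name = _call_name(node)
            findings += [hit for p in PLUGINS if (hit := p(node, name))]
    return sorted(findings)

# Constructed sample input, not a real project file.
SAMPLE = """\
import hashlib, subprocess
def run(cmd, data):
    subprocess.run(cmd, shell=True)           # line 3: HIGH
    subprocess.run(["ls", "-l"])              # safe: no shell
    digest = hashlib.md5(data).hexdigest()    # line 5: MEDIUM
    return eval(data)                         # line 6: MEDIUM
"""
```

Running `scan_source(SAMPLE)` yields three findings on lines 3, 5 and 6; the shell-free `subprocess.run` call on line 4 is not reported, which is the kind of context check a real Bandit plugin performs before raising an issue.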