Top 23 Python Infosec Projects

• routersploit

  11 11,878 5.4 Python

  Exploitation Framework for Embedded Devices

  

• spiderfoot

  19 11,723 6.6 Python

  SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

• InfluxDB

  www.influxdata.com featured

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• dirsearch

  12 11,253 7.7 Python

  Web path scanner

Project mention: Looking for some help with this Python package | /r/learnpython | 2023-08-19

I am new to Python. With the help of several users (thanks u/Diapolo10 and u/shiftybyte)I've been able to install Python and the dirsearch package. Dirsearch (https://github.com/maurosoria/dirsearch) allows for checking website paths with a wordlist. For example, I have a wordlist file with words like "dog", "cat", "bird", etc and I want to check the validity of those words as extensions on a website. Something like "example.com/bird", "example.com/cat", etc. I have a test wordlist in the same directory as dirsearch, but I am confused on how to proceed with the commands. I want to have it check my wordlist as extensions on the example.com website and then save output on if the webpath is valid or not. Just need a little bit of help.

• rengine

  4 6,737 9.5 Python

  reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive User Interface. reNgine makes it easy for penetration testers to gather reconnaissance with minimal configuration and with the help of reNgine's correlation, it just makes recon effortless.

Project mention: Any self-host FOSS suites for running phishing testing campaigns? | /r/selfhosted | 2023-05-21

I couldn't find anything named reEngine, but I found reNgine ( https://yogeshojha.github.io/rengine/ ) which I think is what you meant.

• Awesome-WAF

  3 5,928 2.5 Python

  🔥 Web-application firewalls (WAFs) from security standpoint.

• DefaultCreds-cheat-sheet

  2 5,266 7.5 Python

  One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️

• faraday

  8 4,615 5.0 Python

  Open Source Vulnerability Management Platform (by infobyte)

  

• SaaSHub

  www.saashub.com featured

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

• can-i-take-over-xyz

  14 4,449 5.2 Python

  "Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

• LinkFinder

  2 3,465 1.0 Python

  A python script that finds endpoints in JavaScript files

• snoop

  7 2,687 9.4 Python

  Snoop — инструмент разведки на основе открытых данных (OSINT world)

Project mention: Osint update of the Snoop Project tool search for user by nickname | news.ycombinator.com | 2024-01-02

• cicd-goat

  17 1,806 5.0 Python

  A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.

  

Project mention: CI/CD Access All Areas? | dev.to | 2023-09-23

In this blog post, we want to explore what happens if a development machine gets compromised, granting an attacker write access to source code repositories. To experience this first-hand, we're using CI/CD Goat, and one of the CTF challenges to play through the scenario of an attacker gaining access to sensitive data within build infrastructure.

• Malcolm

  4 1,743 9.9 Python

  Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.

  

• yeti

  2 1,633 9.6 Python

  Your Everyday Threat Intelligence

  

• Bashfuscator

  1 1,503 0.0 Python

  A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.

  

• Name-That-Hash

  10 1,411 0.0 Python

  🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥

  

• mongoaudit

  1 1,308 0.0 Python

  🔥 A powerful MongoDB auditing and pentesting tool 🔥

  

• Search-That-Hash

  12 1,201 0.0 Python

  🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡

  

• passphrase-wordlist

  1 1,146 2.0 Python

  Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords

• PlumHound

  1 1,014 8.7 Python

  Bloodhound for Blue and Purple Teams

  

Project mention: Dealing with large BloodHound datasets | dev.to | 2023-12-06

Name Description Url BloodHound BloodHound GUI https://github.com/BloodHoundAD/BloodHound/ PlumHound Generate a report with actions to resolve the security flaws in the Active Directory configuration https://github.com/DefensiveOrigins/PlumHound/ GoodHound GoodHound operationalises Bloodhound by determining the busiest paths to high value targets and creating actionable output to prioritise remediation of attack paths. https://github.com/idnahacks/GoodHound/ BlueHound Tool that helps blue teams pinpoint the security issues that actually matter. By combining information about user permissions, network access and unpatched vulnerabilities, BlueHound reveals the paths attackers would take if they were inside your network. https://github.com/zeronetworks/BlueHound/

• Hunting-Queries-Detection-Rules

  7 997 9.3 Python

  KQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules & Hunting Rules.

Project mention: Advanced Hunting queries every admin should use | /r/DefenderATP | 2023-05-29

• kubestriker

  8 978 0.0 Python

  A Blazing fast Security Auditing tool for Kubernetes

  

• DumpsterFire

  3 959 0.0 Python

  "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.

• AutoPWN-Suite

  3 875 4.0 Python

  AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.

• SaaSHub

  www.saashub.com featured

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Python Infosec related posts

• Show HN: Automatic security lookups from your clipboard

  1 project | news.ycombinator.com | 3 Jan 2024

• How to add a man page to your Ruby project, using kramdown-man and markdown

  2 projects | /r/ruby | 6 Dec 2023

• CI/CD Access All Areas?

  1 project | dev.to | 23 Sep 2023

• That is why utilizing Tails OS (and Whonix OS) in a combination with automated data self-destruction is always worthwhile…

  3 projects | /r/opsec | 22 Apr 2023

• GitHub - adityatelange/htb-writeups-fetcher: Automated Script with GitHub actions to fetch official #HackTheBox write-ups after the box is **retired**.

  1 project | /r/netsec | 2 Feb 2023

• Wordlists

  4 projects | /r/hacking | 29 Jan 2023

• I forgot my Router's password and I can just press Reset Button on router.. but is there any fun way to change the password? I know the Wifi's Username/Pass and Router's admin name.

  1 project | /r/HowToHack | 12 Jan 2023
• A note from our sponsor - SaaSHub
  www.saashub.com | 1 May 2024

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

Do not miss the trending Python projects with our weekly report!