Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression. Learn more →
Top 23 Python Infosec Projects
Exploitation Framework for Embedded DevicesProject mention: I forgot my Router's password and I can just press Reset Button on router.. but is there any fun way to change the password? I know the Wifi's Username/Pass and Router's admin name. | /r/HowToHack | 2023-01-12
Web path scannerProject mention: The 36 tools that SaaS can use to keep their product and data safe from criminal hackers (manual research) | /r/SaaS | 2023-05-22
Write Clean Python Code. Always.. Sonar helps you commit clean code every time. With over 225 unique rules to find Python bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.
SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.Project mention: piece of software to find /crawl information about yourself? | /r/opsec | 2023-04-10
I’d suggest Spiderfoot.
🔥 Web-application firewalls (WAFs) from security standpoint.Project mention: xss waf bypass | /r/hacking | 2022-07-24
One place for all the default credentials to assist the Blue/Red teamers activities on finding devices with default password 🛡️Project mention: Database of default usernames and passwords? | /r/hacking | 2023-02-10
Open Source Vulnerability Management Platform (by infobyte)Project mention: Penetration Testing Report | /r/Pentesting | 2022-12-20
or you can also use our open source version: https://github.com/infobyte/faraday
"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.Project mention: Books for pentesting and bug Bounty | /r/cybersecurity | 2022-08-28
Access the most powerful time series database as a service. Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.
Says it's inspired by "LinkFinder", which was useful in dredging up what the original purpose of the tool was: https://gerbenjavado.com/discovering-hidden-content-using-li...
Scan for open S3 buckets and dump the contentsProject mention: sa7mon/S3Scanner: Scan for open S3 buckets and dump the contents | /r/PrivateCyberMiliTec | 2022-11-03
Snoop — инструмент разведки на основе открытых данных (OSINT world)Project mention: OSINT Tool that searches by nickname on 2800+ sites Spanish translation | /r/OSINT | 2023-03-16
A deliberately vulnerable CI/CD environment. Learn CI/CD security through multiple challenges.Project mention: New challenge added to the CI/CD Goat CTF | /r/hacking | 2022-11-16
Your Everyday Threat IntelligenceProject mention: Yeti: Organize observables, indicators of compromise, TTPs, and threats | news.ycombinator.com | 2022-10-17
🔥 A powerful MongoDB auditing and pentesting tool 🔥
🔗 Don't know what type of hash it is? Name That Hash will name that hash type! 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app 🔥Project mention: Hash question - How do you know?! | /r/tryhackme | 2022-11-05
A tool called name that hash https://nth.skerritt.blog
A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team.Project mention: Please be gentle | /r/ProgrammerHumor | 2022-09-15
Try and figure out what this does... I used a tool I wrote years ago called Bashfuscator to create it: https://github.com/Bashfuscator/Bashfuscator
🔎Searches Hash APIs to crack your hash quickly🔎 If hash is not found, automatically pipes into HashCat⚡Project mention: New to hashcracking and feeling stuck, pls backseat me :) [MD5] | /r/HashCracking | 2022-10-06
Search That Hash found 1/4 ('0pensesam3', not surprising, since rockyou has 'opensesam' and you get there with just so0 and $3 as rules)
Passphrase wordlist and hashcat rules for offline cracking of long, complex passwords
A Blazing fast Security Auditing tool for Kubernetes
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.Project mention: If you could name 5 tools/software worth learning for a cybersecurity analyst to become more employable, what would they be? | /r/cybersecurity | 2022-07-24
https://github.com/TryCatchHCF/DumpsterFire The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Turn paper tabletop exercises into controlled "live fire" range events. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.
WebMap-Nmap Web Dashboard and ReportingProject mention: Mapping out a network | /r/sysadmin | 2022-10-24
WebMap will let you import your xml file to view a visualized network map.
OSINT Project (by kennbroorg)
Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.Project mention: Shodan | /r/HowToHack | 2022-08-25
StalkPhish - The Phishing kits stalker, harvesting phishing kits for investigations.
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Python Infosec related posts
That is why utilizing Tails OS (and Whonix OS) in a combination with automated data self-destruction is always worthwhile…
3 projects | /r/opsec | 22 Apr 2023
GitHub - adityatelange/htb-writeups-fetcher: Automated Script with GitHub actions to fetch official #HackTheBox write-ups after the box is **retired**.
1 project | /r/netsec | 2 Feb 2023
4 projects | /r/hacking | 29 Jan 2023
I forgot my Router's password and I can just press Reset Button on router.. but is there any fun way to change the password? I know the Wifi's Username/Pass and Router's admin name.
1 project | /r/HowToHack | 12 Jan 2023
Is there a way to gain a router's webpage password and username?
1 project | /r/hacking | 26 Nov 2022
Hash question - How do you know?!
2 projects | /r/tryhackme | 5 Nov 2022
sa7mon/S3Scanner: Scan for open S3 buckets and dump the contents
1 project | /r/PrivateCyberMiliTec | 3 Nov 2022
A note from our sponsor - InfluxDB
www.influxdata.com | 10 Jun 2023
What are some of the best open-source Infosec projects in Python? This list will help you: