Top 19 Python network-security Projects

scapy

26 10,028 9.3 Python

Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.

Project mention: Seven Python Projects to Elevate Your Coding Skills | dev.to | 2024-02-15

Example Network Scanner Scapy

IVRE

6 3,301 8.0 Python

Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run your Passive DNS service, collect and analyse network intelligence from your sensors, and much more! Uses Nmap, Masscan, Zeek, p0f, etc.
InfluxDB

www.influxdata.com sponsored

Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.
blackhat-python3

2 1,968 0.0 Python

Source code for the book "Black Hat Python" by Justin Seitz. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.
Malcolm

4 1,743 9.9 Python

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts.
Digital-Forensics-Guide

6 1,335 6.4 Python

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics.

Project mention: Most used DFIR tools | /r/cybersecurity | 2023-12-10

If you're looking to learn on your own, try mikeroyal's digital forensics guide on Github. There's a lot of recommended resources there that'll speed you up. https://github.com/mikeroyal/Digital-Forensics-Guide

nfstream

7 1,042 1.8 Python

NFStream: a Flexible Network Data Analysis Framework.
violent-python3

4 936 1.3 Python

Source code for the book "Violent Python" by TJ O'Connor. The code has been fully converted to Python 3, reformatted to comply with PEP8 standards and refactored to eliminate dependency issues involving the implementation of deprecated libraries.
WorkOS

workos.com sponsored

The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.
StratosphereLinuxIPS

3 651 9.9 Python

Slips, a free software behavioral Python intrusion prevention system (IDS/IPS) that uses machine learning to detect malicious behaviors in the network traffic. Stratosphere Laboratory, AIC, FEL, CVUT in Prague.
Malcolm

5 309 9.9 Python

Malcolm is a powerful, easily deployable network traffic analysis tool suite for full packet capture artifacts (PCAP files), Zeek logs and Suricata alerts. (by idaholab)
netchecks

3 149 8.4 Python

Tool to validate assumptions about the network

Project mention: Show HN: Netchecks – A Kubernetes tool to validate assumptions about the network | news.ycombinator.com | 2023-11-29

Preferred-Network-List-Sniffer

1 131 9.7 Python

A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List.

Project mention: Show HN: Tool that captures SSIDs from device's Preferred Network List | news.ycombinator.com | 2023-12-24

what-vpn

1 59 3.4 Python

Identify servers running various SSL VPNs based on protocol-specific behaviors

Project mention: Actual SSH over HTTPS | news.ycombinator.com | 2023-12-23

From the article:
> Ubiquitous presence of HTTPS allows you to pass your data through very restrictive middle boxes!
This is, in fact, why all — or nearly all — proprietary VPN protocols (so-called "SSL VPNs") implement a mode that initiates a tunnel via HTTPS, at least as a fallback if not as the primary mode of operation: precisely in order to have a mode of operation that works with almost any connection to the global Internet.
I'm one of the main developers of https://gitlab.com/openconnect/openconnect, which implements many such protocols, and wrote https://github.com/dlenski/what-vpn, which sniffs or identifies even more flavors of TLS-based VPN servers.

DirectFire_Converter

2 48 1.8 Python

DirectFire Firewall Converter - Network Security, Next-Generation Firewall Configuration Conversion, Firewall Syntax Translation and Firewall Migration Tool - supports Cisco ASA, Fortinet FortiGate (FortiOS), Juniper SRX (JunOS), SSG / Netscreen (ScreenOS) and WatchGuard (support for further devices in development). Similar to FortiConverter, SmartMove, Expedition etc.
pyp0f

2 41 5.9 Python

p0f v3 with impersonation spoofing, written in Python - Accurately guess the OS of a packet with passive fingerprinting.

Project mention: Show HN: Pyp0f – p0f clone with spoofing, written in Python | news.ycombinator.com | 2023-09-28

SNORT-GUI

1 17 7.7 Python

SNORT GUI: Your very own trusted blueteam forensic companion for SNORT IDS. OPTIMIZED, SECURE AND ABSOLUTELY FREE!
nSpector

1 7 1.8 Python

A tool to take Nmap scans, and store the results in a queryable database.
DetectXDiscord

1 5 5.5 Python

This Discord bot is designed to provide file scanning functionality using the VirusTotal API to check for viruses and other malware in attachments uploaded to a Discord channel.

Project mention: Virustotal file detection bot | /r/discordbots | 2023-04-29

I gotcha bro DetectXDiscord

kitten

1 3 3.9 Python

Kitten is a free and open-source network scanner. Currently only runs on Linux. (by karastift)
ktotu

1 0 3.2 Python

🕵️‍♀️ Identify devices in your network and monitor it against intruders

Project mention: Ask HN: How do you find contributors to open source projects? | news.ycombinator.com | 2023-10-12

- ktotu - Identify devices in your network and monitor it against intruders https://github.com/jmaczan/ktotu [Python]

SaaSHub

www.saashub.com sponsored

SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020).

Python network-security related posts

Monitor your system network traffic using one line of Python
1 project | news.ycombinator.com | 28 Sep 2022
Recommend me a Cybersecurity book similar to ViolentPython
1 project | /r/cybersecurity | 25 Sep 2022
Programming for hacking
1 project | /r/Hacking_Tutorials | 3 Jul 2021
Open Source Deep Packet Inspection Using Python
1 project | news.ycombinator.com | 2 Jul 2021
Nfstream: A network data analysis framework using Python
1 project | news.ycombinator.com | 2 Jul 2021
Basic penetration testing
1 project | /r/HowToHack | 25 Apr 2021
Software security
1 project | /r/cybersecurity | 23 Apr 2021
A note from our sponsor - InfluxDB
www.influxdata.com | 25 Apr 2024

Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality. Learn more →

Index

What are some of the best open-source network-security projects in Python? This list will help you:

	Project	Stars
1	scapy	10,028
2	IVRE	3,301
3	blackhat-python3	1,968
4	Malcolm	1,743
5	Digital-Forensics-Guide	1,335
6	nfstream	1,042
7	violent-python3	936
8	StratosphereLinuxIPS	651
9	Malcolm	309
10	netchecks	149
11	Preferred-Network-List-Sniffer	131
12	what-vpn	59
13	DirectFire_Converter	48
14	pyp0f	41
15	SNORT-GUI	17
16	nSpector	7
17	DetectXDiscord	5
18	kitten	3
19	ktotu	0