Python Security

Open-source Python projects categorized as Security

Top 23 Python Security Projects

  1. PayloadsAllTheThings

    A list of useful payloads and bypass for Web Application Security and Pentest/CTF

    Project mention: PayloadsAllTheThings: Essential Payloads and Bypass for Web Security and CTFs | news.ycombinator.com | 2024-08-11
  3. mitmproxy

    An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

    Project mention: I turned GitHub Copilot into OpenAI API compatible provider | dev.to | 2025-02-06

    Enter mitmproxy - this beautiful Python program can act as a proxy and logs all network requests. It even comes with a devtool like web UI. Just what I needed.

  4. quivr

    Opinionated RAG for integrating GenAI in your apps 🧠 Focus on your product rather than the RAG. Easy integration in existing products with customisation! Any LLM: GPT4, Groq, Llama. Any Vectorstore: PGVector, Faiss. Any Files. Anyway you want.

    Project mention: Ask HN: Local RAG with private knowledge base | news.ycombinator.com | 2024-10-29
  5. SQLMap

    Automatic SQL injection and database takeover tool

    Project mention: Top Github repositories for 10+ programming languages | dev.to | 2024-07-16

    SQL MAP, learning SQL

  6. CheatSheetSeries

    The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

    Project mention: Using AI Offline: Insights into Local Models | dev.to | 2025-01-29

    Just for fun, I cloned the OWASP repo https://github.com/OWASP/CheatSheetSeries.git and am waiting for the indexing process to finish. I then asked the model (on the left side) and included all files from the cloned project (on the right side). As you can see below, the right side contains more useful information

  7. hosts

    🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

    Project mention: Show HN: A blocklist to remove spam and bad websites from search results | news.ycombinator.com | 2025-01-14

    You could get a step closer to that and integrate it into your DNS: https://github.com/StevenBlack/hosts

    The upside is that it would go beyond your browser to anything on your machine that makes a DNS request.

    > Another great function (not for this plugin) should be the option to "bundle" all search results from the same domain. Stuff them under one collapsible entry.

    That would be really cool. Just zip it up if you don't want to see that domain for that specific search.

  8. macOS-Security-and-Privacy-Guide

    Guide to securing and improving privacy on macOS

  10. DB-GPT

    AI Native Data App Development framework with AWEL(Agentic Workflow Expression Language) and Agents

  11. wifiphisher

    The Rogue Access Point Framework

  12. Fail2Ban

    Daemon to ban hosts that cause multiple authentication errors

    Project mention: One-Click Setup for SSH Login, Password Policy, IP Ban Configuration, and Custom Admin User Creation | dev.to | 2025-02-06

    IP Ban: Fail2ban

  13. dirsearch

    Web path scanner

  14. routersploit

    Exploitation Framework for Embedded Devices

  15. urh

    Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

    Project mention: Goodwatch – A Ham Radio Wristwatch | news.ycombinator.com | 2024-07-03

    You don't need a license to explore and have fun.

    Cheap, firmware hackable HTs are hawt, in particular the Quansheng UV-K5,K6.

    Tons of SDR receivers out there to explore, and many extremely exciting transceiver projects out there also. Just so much:

    https://github.com/jopohl/urh

    http://websdr.org/

    http://kiwisdr.com/public/

    https://meshtastic.org/docs/hardware/devices/

  16. opensnitch

    OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

    Project mention: Sniffnet – monitor your Internet traffic | news.ycombinator.com | 2025-02-02

    There is OpenSnitch [0] on Linux, but it is a bit clumsy to set up. I tried it once and didn't get far, but have it again on my todo list. Not aware of something similar on Linux.

    On Android there is NetGuard [1] which is awesome (not affiliated, just a happy customer).

    [0] https://github.com/evilsocket/opensnitch

    [1] https://netguard.me/

  17. prowler

    Prowler is an Open Cloud Security tool for AWS, Azure, GCP and Kubernetes. It helps for continuous monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more.

    Project mention: Top 11 DevOps Security Tools | dev.to | 2024-08-30

    11. Prowler

  18. scapy

    Scapy: the Python-based interactive packet manipulation program & library.

  19. mvt

    MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

  20. Mailpile

    A free & open modern, fast email client with user-friendly encryption and privacy features

  21. sigma

    Main Sigma Rule Repository

  22. trape

    People tracker on the Internet: OSINT analysis and research tool by Jose Pino

  23. frappe

    Low code web framework for real world applications, in Python and Javascript

    Project mention: 10 Must-Bookmark Open Source Projects for Developers | dev.to | 2025-01-15


  24. objection

    📱 objection - runtime mobile exploration

    Project mention: Mobile Security Tools part 3: Objection | dev.to | 2024-11-01

    Objection is a runtime mobile exploration toolkit, powered by Frida. I wrote a blog post that explains what Frida is and how it can be setup on Android. You can find it from here.

  25. BunkerWeb

    🛡️ Open-source and next-generation Web Application Firewall (WAF)

    Project mention: Show HN: BunkerWeb – The Open-Source Web Application Firewall (WAF) | news.ycombinator.com | 2024-12-06
NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020).

Python Security related posts

  • BleachBit is a free and open-source disk space cleaner

    1 project | news.ycombinator.com | 15 Feb 2025
  • 10 Must-Have AI Tools to Supercharge Your Software Development

    3 projects | dev.to | 14 Feb 2025
  • Invariant: A security and bug scanner for agent traces

    1 project | news.ycombinator.com | 7 Feb 2025
  • I turned GitHub Copilot into OpenAI API compatible provider

    3 projects | dev.to | 6 Feb 2025
  • Sniffnet – monitor your Internet traffic

    8 projects | news.ycombinator.com | 2 Feb 2025
  • When Postgres index meets Bcrypt

    3 projects | dev.to | 31 Jan 2025
  • How I automated my fitness goals

    3 projects | dev.to | 26 Jan 2025

Index

What are some of the best open-source Security projects in Python? This list will help you:

# Project Stars
1 PayloadsAllTheThings 63,195
2 mitmproxy 37,871
3 quivr 37,264
4 SQLMap 33,296
5 CheatSheetSeries 28,810
6 hosts 27,461
7 macOS-Security-and-Privacy-Guide 21,497
8 DB-GPT 14,553
9 wifiphisher 13,375
10 Fail2Ban 13,179
11 dirsearch 12,528
12 routersploit 12,345
13 urh 11,253
14 opensnitch 11,248
15 prowler 11,220
16 scapy 11,061
17 mvt 10,711
18 Mailpile 8,821
19 sigma 8,693
20 trape 8,203
21 frappe 7,939
22 objection 7,805
23 BunkerWeb 7,543
