Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge. Learn more →
Top 19 Python security-automation Projects
-
-
Also, for the attack emulation part you might be interested in CALDERA.
-
InfluxDB
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
-
or you can also use our open source version: https://github.com/infobyte/faraday
-
-
resoto
Resoto creates an inventory of your cloud ☁️, provides deep visibility 👀, and reacts to changes in your infrastructure 🌐.
Project mention: Unreal Engine change its price for non-game apps | news.ycombinator.com | 2023-10-05It is a good time for send the showreel of serious apps in Godot:
https://www.youtube.com/watch?v=9kKp0oguzr8
I know a free software monitoring tool made with Godot:
-
-
I was part of a project that did some analysis of OpenWRT firmware at scale. It was a lot of fun. The firmware is ( obviously ) publicly available. If you're interested in finding some cool results, you should try out FACT:
https://github.com/fkie-cad/FACT_core
It's a super neat tool that does lots of interesting things.
-
Onboard AI
Learn any GitHub repo in 59 seconds. Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at www.getonboard.dev.
-
cve-bin-tool
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
intel/cve-bin-tool - 2 pull requests
-
-
-
You want Turbinia and DFTimewolf. Literally the tools built by the DF team at Google (the same team that makes L2T) purpose-built to do exactly what you're asking.
-
-
kestrel-lang
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
-
-
xssmap
Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
Let's take a look at an example. We assume that we want to create an environment to automate several tools, including xira. The contents of the directory holding our scripts:
-
flake8-bandit uses bandit behind the scenes: https://github.com/tylerwince/flake8-bandit/blob/main/flake8_bandit.py ruff doesn't and implements the rules directly
-
-
CyberSecurityAuditScript
Security audit script decreases info gathering from average of 5 minutes, to 20 seconds, and returns everything into a textfile.
-
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Python security-automation related posts
- Diving into Starlink's User Terminal Firmware
- SOC Malware/Detection lab
- Security Audit Scan
- Automated penetration testing software?
- Kaseya Acquired Vonahi Security
- Endpoint Attack Simulation
- Do you know the Mitre tool "Caldera"? How can I build a plugin for it?
-
A note from our sponsor - InfluxDB
www.influxdata.com | 8 Dec 2023
Index
What are some of the best open-source security-automation projects in Python? This list will help you:
Project | Stars | |
---|---|---|
1 | monkey | 6,380 |
2 | caldera | 4,830 |
3 | faraday | 4,316 |
4 | Astra | 2,369 |
5 | resoto | 1,464 |
6 | Sooty | 1,250 |
7 | FACT_core | 1,111 |
8 | cve-bin-tool | 960 |
9 | trailscraper | 754 |
10 | APTRS | 737 |
11 | turbinia | 684 |
12 | theo | 335 |
13 | kestrel-lang | 252 |
14 | embark | 228 |
15 | xssmap | 126 |
16 | flake8-bandit | 109 |
17 | faraday_plugins | 37 |
18 | CyberSecurityAuditScript | 9 |
19 | autowpscan | 2 |