Python security-automation

Open-source Python projects categorized as security-automation

Top 19 Python security-automation Projects

  • monkey

    Infection Monkey - An open-source adversary emulation platform

    Project mention: Security Audit Scan | /r/msp | 2023-06-14
  • caldera

    Automated Adversary Emulation Platform

    Project mention: SOC Malware/Detection lab | /r/cybersecurity | 2023-07-03

    Also, for the attack emulation part you might be interested in CALDERA.

  • InfluxDB

    Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.

  • faraday

    Open Source Vulnerability Management Platform (by infobyte)

    Project mention: Penetration Testing Report | /r/Pentesting | 2022-12-20

    or you can also use our open source version:

  • Astra

    Automated Security Testing For REST API's

  • resoto

    Resoto creates an inventory of your cloud ☁️, provides deep visibility 👀, and reacts to changes in your infrastructure 🌐.

    Project mention: Unreal Engine change its price for non-game apps | | 2023-10-05

    It is a good time for send the showreel of serious apps in Godot:

    I know a free software monitoring tool made with Godot:

  • Sooty

    The SOC Analysts all-in-one CLI tool to automate and speed up workflow.

  • FACT_core

    Firmware Analysis and Comparison Tool

    Project mention: Diving into Starlink's User Terminal Firmware | | 2023-08-29

    I was part of a project that did some analysis of OpenWRT firmware at scale. It was a lot of fun. The firmware is ( obviously ) publicly available. If you're interested in finding some cool results, you should try out FACT:

    It's a super neat tool that does lots of interesting things.

  • Onboard AI

    Learn any GitHub repo in 59 seconds. Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at

  • cve-bin-tool

    The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

    Project mention: 2022 Highlights: Open Source Development! ✨ | | 2022-12-14

    intel/cve-bin-tool - 2 pull requests

  • trailscraper

    A command-line tool to get valuable information out of AWS CloudTrail


    Automated Penetration Testing Reporting System

  • turbinia

    Automation and Scaling of Digital Forensics Tools

    Project mention: Log2Timeline -> Timesketch | /r/computerforensics | 2023-05-16

    You want Turbinia and DFTimewolf. Literally the tools built by the DF team at Google (the same team that makes L2T) purpose-built to do exactly what you're asking.

  • theo

    Ethereum recon and exploitation tool. (by cleanunicorn)

  • kestrel-lang

    Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.

  • embark

    EMBArk - The firmware security scanning environment (by e-m-b-a)

  • xssmap

    Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

    Project mention: Docker explained for pentesters | | 2023-11-29

    Let's take a look at an example. We assume that we want to create an environment to automate several tools, including xira. The contents of the directory holding our scripts:

  • flake8-bandit

    Automated security testing using bandit and flake8.

    Project mention: The Ruff python linter is insanely good | /r/Python | 2023-03-16

    flake8-bandit uses bandit behind the scenes: ruff doesn't and implements the rules directly

  • faraday_plugins

    Security tools report parsers for

  • CyberSecurityAuditScript

    Security audit script decreases info gathering from average of 5 minutes, to 20 seconds, and returns everything into a textfile.

  • autowpscan

    Assistant work tool for wpscan.

    Project mention: autowpscan | /r/cybersecurity | 2023-04-14
  • SaaSHub

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-11-29.

Python security-automation related posts


What are some of the best open-source security-automation projects in Python? This list will help you:

Project Stars
1 monkey 6,380
2 caldera 4,830
3 faraday 4,316
4 Astra 2,369
5 resoto 1,464
6 Sooty 1,250
7 FACT_core 1,111
8 cve-bin-tool 960
9 trailscraper 754
10 APTRS 737
11 turbinia 684
12 theo 335
13 kestrel-lang 252
14 embark 228
15 xssmap 126
16 flake8-bandit 109
17 faraday_plugins 37
18 CyberSecurityAuditScript 9
19 autowpscan 2
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives