Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge. Learn more →
Top 19 Python security-automation Projects
Infection Monkey - An open-source adversary emulation platformProject mention: Security Audit Scan | /r/msp | 2023-06-14
Automated Adversary Emulation PlatformProject mention: SOC Malware/Detection lab | /r/cybersecurity | 2023-07-03
Also, for the attack emulation part you might be interested in CALDERA.
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
Open Source Vulnerability Management Platform (by infobyte)Project mention: Penetration Testing Report | /r/Pentesting | 2022-12-20
or you can also use our open source version: https://github.com/infobyte/faraday
Automated Security Testing For REST API's
Resoto creates an inventory of your cloud ☁️, provides deep visibility 👀, and reacts to changes in your infrastructure 🌐.Project mention: Unreal Engine change its price for non-game apps | news.ycombinator.com | 2023-10-05
It is a good time for send the showreel of serious apps in Godot:
I know a free software monitoring tool made with Godot:
The SOC Analysts all-in-one CLI tool to automate and speed up workflow.
Firmware Analysis and Comparison ToolProject mention: Diving into Starlink's User Terminal Firmware | news.ycombinator.com | 2023-08-29
I was part of a project that did some analysis of OpenWRT firmware at scale. It was a lot of fun. The firmware is ( obviously ) publicly available. If you're interested in finding some cool results, you should try out FACT:
It's a super neat tool that does lots of interesting things.
Learn any GitHub repo in 59 seconds. Onboard AI learns any GitHub repo in minutes and lets you chat with it to locate functionality, understand different parts, and generate new code. Use it for free at www.getonboard.dev.
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 200 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.Project mention: 2022 Highlights: Open Source Development! ✨ | dev.to | 2022-12-14
intel/cve-bin-tool - 2 pull requests
A command-line tool to get valuable information out of AWS CloudTrail
Automated Penetration Testing Reporting System
Automation and Scaling of Digital Forensics ToolsProject mention: Log2Timeline -> Timesketch | /r/computerforensics | 2023-05-16
You want Turbinia and DFTimewolf. Literally the tools built by the DF team at Google (the same team that makes L2T) purpose-built to do exactly what you're asking.
Ethereum recon and exploitation tool. (by cleanunicorn)
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
EMBArk - The firmware security scanning environment (by e-m-b-a)
Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilitiesProject mention: Docker explained for pentesters | dev.to | 2023-11-29
Let's take a look at an example. We assume that we want to create an environment to automate several tools, including xira. The contents of the directory holding our scripts:
Automated security testing using bandit and flake8.Project mention: The Ruff python linter is insanely good | /r/Python | 2023-03-16
flake8-bandit uses bandit behind the scenes: https://github.com/tylerwince/flake8-bandit/blob/main/flake8_bandit.py ruff doesn't and implements the rules directly
Security tools report parsers for Faradaysec.com
Security audit script decreases info gathering from average of 5 minutes, to 20 seconds, and returns everything into a textfile.
Assistant work tool for wpscan.Project mention: autowpscan | /r/cybersecurity | 2023-04-14
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
Python security-automation related posts
Diving into Starlink's User Terminal Firmware
1 project | news.ycombinator.com | 29 Aug 2023
SOC Malware/Detection lab
2 projects | /r/cybersecurity | 3 Jul 2023
Security Audit Scan
1 project | /r/msp | 14 Jun 2023
Automated penetration testing software?
2 projects | /r/AskNetsec | 16 May 2023
Kaseya Acquired Vonahi Security
2 projects | /r/msp | 25 Apr 2023
Endpoint Attack Simulation
1 project | /r/cybersecurity | 24 Feb 2023
Do you know the Mitre tool "Caldera"? How can I build a plugin for it?
1 project | /r/blueteamsec | 4 Nov 2022
A note from our sponsor - InfluxDB
www.influxdata.com | 8 Dec 2023
What are some of the best open-source security-automation projects in Python? This list will help you: