Python security-automation

Open-source Python projects categorized as security-automation

Top 23 Python security-automation Projects

  1. xonsh

    :shell: Python-powered shell. Full-featured and cross-platform.

    Project mention: Advanced Shell Scripting with Bash (2006) [pdf] | news.ycombinator.com | 2025-04-17

    (Not sure about the equivalent of shlex.quote, but in the worst case, you can just use "from shlex import quote as q" or something).

    So yes, there are good alternatives to bash - even Python based.

    [0] https://xon.sh/

  3. monkey

    Infection Monkey - An open-source adversary emulation platform

  4. caldera

    Automated Adversary Emulation Platform

  5. faraday

    Open Source Vulnerability Management Platform (by infobyte)

  6. Astra

    Automated Security Testing For REST API's

  7. fixinventory

    Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.

    Project mention: Defenders think in lists. Attackers think in graphs. So attackers win | news.ycombinator.com | 2024-08-24

    There is also Fix Inventory, which is a graph-based security tool:

    https://github.com/someengineering/fixinventory

    I'm one of the people behind Fix Inventory. What scares a lot of developers away from graph-based tools is the graph query language. It has a steep learning curve, and unless you write queries every day, it's really cumbersome to learn.

    We simplified that with our own search syntax that has all the benefits of the graph, but simplified a few concepts like graph traversal.

  8. cve-bin-tool

    The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

    Project mention: My Goals Working On Open Source | dev.to | 2024-12-10

    So far I think I've been doing pretty well. While the scope of my contributions has varied, I've been able to work on a few projects - some larger than others, but all of them being software that people actually use (as opposed to someone's side project): cve-bin-tool, libplanet, ByteChef, Ghostfolio, and Mattermost.

  10. Sooty

    The SOC Analysts all-in-one CLI tool to automate and speed up workflow.

  11. FACT_core

    Firmware Analysis and Comparison Tool

  12. betterscan

    Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan

  13. trailscraper

    A command-line tool to get valuable information out of AWS CloudTrail

  14. turbinia

    Automation and Scaling of Digital Forensics Tools

  15. raven

    CI/CD Security Analyzer (by CycodeLabs)

  16. falconpy

    The CrowdStrike Falcon SDK for Python

  17. theo

    Ethereum recon and exploitation tool. (by cleanunicorn)

  18. embark

    EMBArk - The firmware security scanning environment (by e-m-b-a)

  19. kestrel-lang

    Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.

  20. xssmap

    Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities

  21. flake8-bandit

    Automated security testing using bandit and flake8.

  22. faraday_plugins

    Security tools report parsers for Faradaysec.com

  23. vulnerability-scan-github-action-for-amazon-inspector

    Scan artifacts with Amazon Inspector from GitHub Actions workflows.

    Project mention: Securing Your Container Pipeline: Using AWS Inspector with GitHub Actions | dev.to | 2025-03-14

    At its core, the workflow uses the Vulnerability Scan GitHub Action for Amazon Inspector, which integrates with AWS Inspector to perform comprehensive vulnerability scanning on your container images.

  24. CyberSecurityAuditScript

    Security audit script decreases info gathering from average of 5 minutes, to 20 seconds, and returns everything into a textfile.

  25. autowpscan

    Assistant work tool for wpscan.

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020).

Index

What are some of the best open-source security-automation projects in Python? This list will help you:

# Project Stars
1 xonsh 8,771
2 monkey 6,794
3 caldera 6,126
4 faraday 5,400
5 Astra 2,573
6 fixinventory 1,970
7 cve-bin-tool 1,414
8 Sooty 1,395
9 FACT_core 1,330
10 betterscan 859
11 trailscraper 815
12 turbinia 765
13 raven 657
14 falconpy 406
15 theo 346
16 embark 339
17 kestrel-lang 313
18 xssmap 148
19 flake8-bandit 113
20 faraday_plugins 53
21 vulnerability-scan-github-action-for-amazon-inspector 39
22 CyberSecurityAuditScript 11
23 autowpscan 1
