Top 23 Python security-automation Projects
-
Project mention: Advanced Shell Scripting with Bash (2006) [pdf] | news.ycombinator.com | 2025-04-17
(Not sure about the equivalent of shlex.quote, but in the worst case, you can just use "from shlex import quote as q" or something).
So yes, there are good alternatives to bash - even Python based.
[0] https://xon.sh/
-
fixinventory
Fix Inventory helps you identify and remove the most critical risks in AWS, GCP, Azure and Kubernetes.
Project mention: Defenders think in lists. Attackers think in graphs. So attackers win | news.ycombinator.com | 2024-08-24
There is also Fix Inventory, which is a graph-based security tool:
https://github.com/someengineering/fixinventory
I'm one of the people behind Fix Inventory. What scares a lot of developers away from graph-based tools is the graph query language. It has a steep learning curve, and unless you write queries every day, it's really cumbersome to learn.
We simplified that with our own search syntax that has all the benefits of the graph, but simplified a few concepts like graph traversal.
-
cve-bin-tool
The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.
So far I think I've been doing pretty well. While the scope of my contributions has varied, I've been able to work on a few projects - some larger than others, but all of them being software that people actually use (as opposed to someone's side project): cve-bin-tool, libplanet, ByteChef, Ghostfolio, and Mattermost.
-
betterscan
Code Scanning/SAST/Static Analysis/Linting using many tools/Scanners with One Report (Code, IaC) - Betterscan
-
kestrel-lang
Kestrel threat hunting language: building reusable, composable, and shareable huntflows across different data sources and threat intel.
-
xssmap
Intelligent XSS detection tool that uses human techniques for looking for reflected cross-site scripting (XSS) vulnerabilities
-
vulnerability-scan-github-action-for-amazon-inspector
Scan artifacts with Amazon Inspector from GitHub Actions workflows.
Project mention: Securing Your Container Pipeline: Using AWS Inspector with GitHub Actions | dev.to | 2025-03-14
At its core, the workflow uses the Vulnerability Scan GitHub Action for Amazon Inspector, which integrates with AWS Inspector to perform comprehensive vulnerability scanning on your container images.
-
CyberSecurityAuditScript
Security audit script decreases info gathering from average of 5 minutes, to 20 seconds, and returns everything into a textfile.
Python security-automation related posts
-
Diving into Starlink's User Terminal Firmware
-
SOC Malware/Detection lab
-
Security Audit Scan
-
Automated penetration testing software?
-
Kaseya Acquired Vonahi Security
-
Endpoint Attack Simulation
-
Do you know the Mitre tool "Caldera"? How can I build a plugin for it?
Index
What are some of the best open-source security-automation projects in Python? This list will help you:
# | Project | Stars |
---|---|---|
1 | xonsh | 8,771 |
2 | monkey | 6,794 |
3 | caldera | 6,126 |
4 | faraday | 5,400 |
5 | Astra | 2,573 |
6 | fixinventory | 1,970 |
7 | cve-bin-tool | 1,414 |
8 | Sooty | 1,395 |
9 | FACT_core | 1,330 |
10 | betterscan | 859 |
11 | trailscraper | 815 |
12 | turbinia | 765 |
13 | raven | 657 |
14 | falconpy | 406 |
15 | theo | 346 |
16 | embark | 339 |
17 | kestrel-lang | 313 |
18 | xssmap | 148 |
19 | flake8-bandit | 113 |
20 | faraday_plugins | 53 |
21 | vulnerability-scan-github-action-for-amazon-inspector | 39 |
22 | CyberSecurityAuditScript | 11 |
23 | autowpscan | 1 |