Top 23 Python security-tool Projects

security-tools

• Add a project

1. spiderfoot

   1 21 14,772 0.0 Python

   SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.

   

2. InfluxDB

   www.influxdata.com featured

   InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

   

3. Fail2Ban

   2 57 14,815 9.0 Python

   Daemon to ban hosts that cause multiple authentication errors

   

   Project mention: Fighting bots by implementing fast TCP fingerprinting with eBPF | news.ycombinator.com | 2025-06-29

   something like https://github.com/renanqts/xdpdropper or cilium's host firewall or https://github.com/boylegu/TyrShield exist or https://github.com/ebpf-security/xdp-firewall today and implement ebpf filter based firewalling.

   Of these there is a sample integration for XDPDropper to fail2ban that never got merged https://github.com/fail2ban/fail2ban/pull/3555/files -- I don't think anyone else has really worked on that junction of functionality yet.

   There's also wazuh which seems to package ebpf tooling up with a ton of detection and management components, but its not a simple to deploy as fail2ban.

4. prowler

   3 28 11,844 10.0 Python

   Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuos monitoring, security assessments and audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more

   

   Project mention: Top 11 DevOps Security Tools | dev.to | 2024-08-30

   11. Prowler

5. scapy

   4 27 11,554 9.2 Python

   Scapy: the Python-based interactive packet manipulation program & library.

   

   Project mention: python-dublin-traceroute VS scapy - a user suggested alternative | libhunt.com/r/python-dublin-traceroute | 2025-03-05

6. bbot

   5 7 8,746 9.8 Python

   The recursive internet scanner for hackers. 🧡

   

   Project mention: HackTheBox Writeup: Cypher | dev.to | 2025-03-22

   bbot is a recursive internet scanner that supports Python-based modules.

7. bandit

   6 26 7,167 8.4 Python

   Bandit is a tool designed to find common security issues in Python code.

   

   Project mention: App Security: Common Attacks & How to Prevent Them | dev.to | 2025-07-13

   Static Analysis: Tools like Bandit or SonarQube to catch code-level issues.

8. monkey

   7 5 6,827 9.1 Python

   Infection Monkey - An open-source adversary emulation platform

   

9. Stream

   getstream.io featured

   Stream - Scalable APIs for Chat, Feeds, Moderation, & Video. Stream helps developers build engaging apps that scale to millions with performant and flexible Chat, Feeds, Moderation, and Video APIs and SDKs powered by a global edge network and enterprise-grade infrastructure.

   

10. AutoSploit

    8 1 5,117 0.0 Python

    Automated Mass Exploiter

    

11. NetExec

    9 2 4,410 9.9 Python

    The Network Execution Tool

    

12. Nettacker

    10 1 4,332 9.0 Python

    Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

    

    Project mention: Nettacker: Open-Source Automated Penetration Testing and Vulnerability Scanner | news.ycombinator.com | 2024-09-03

13. IntelOwl

    11 13 4,203 9.6 Python

    IntelOwl: manage your Threat Intelligence at scale

    

14. pocsuite3

    12 2 3,741 5.2 Python

    pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.

    

15. TorBot

    13 1 3,359 2.6 Python

    Dark Web OSINT Tool

    

16. consoleme

    14 10 3,190 3.2 Python

    A Central Control Plane for AWS Permissions and Access

    

17. chipsec

    15 16 3,072 9.2 Python

    Platform Security Assessment Framework

    

18. Reconnoitre

    16 2 2,159 0.0 Python

    A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.

    

19. opencve

    17 21 2,095 8.9 Python

    Open-source CVE monitoring and alerting platform

    

20. osv.dev

    18 23 1,920 9.8 Python

    Open source vulnerability DB and triage service.

    

    Project mention: Building AI Agents to Prioritize CVEs — A Google ADK Guide | dev.to | 2025-04-23

    In this story, we will create our first AI agents using Agent Development Kit. AI agents will be integrated with Google OSV, MITRE, KEV, and a bit of Google search. AI agents will enrich data about given vulnerabilities with public data from different sources to help prioritize (triage) problems.

21. rapidscan

    19 1 1,861 4.1 Python

    :new: The Multi-Tool Web Vulnerability Scanner.

    

22. llm-guard

    20 4 1,836 7.2 Python

    The Security Toolkit for LLM Interactions

    

    Project mention: Securing and enhancing LLM prompts & outputs: A guide using Amazon Bedrock and open-source solutions | dev.to | 2024-10-01

    Image source:https://llm-guard.com/

23. evillimiter

    21 11 1,737 0.0 Python

    Tool that monitors, analyzes and limits the bandwidth of devices on the local network without administrative access.

    

24. requests-ip-rotator

    22 6 1,587 2.4 Python

    A Python library to utilize AWS API Gateway's large IP pool as a proxy to generate pseudo-infinite IPs for web scraping and brute forcing.

    

    Project mention: Doge Worker's Code Supports NLRB Whistleblower | news.ycombinator.com | 2025-04-23

    > Ge0rg3’s code is “open source,” in that anyone can copy it and reuse it non-commercially. As it happens, there is a newer version of this project that was derived or “forked” from Ge0rg3’s code — called “async-ip-rotator” — and it was committed to GitHub in January 2025 by DOGE captain Marko Elez.

    Original code: https://github.com/Ge0rg3/requests-ip-rotator

    Forked: https://github.com/markoelez/async-ip-rotator

    Code is pretty much the same, with comments removed, some `async` sprinkled in and minor changes (I bet this was just pasted into LLM with prompt to make it async, but if that worked why not).

    Except... Original GPL3 license is gone. Obviously not something you would expect DOGE people to understand or respect.

25. dronesploit

    23 8 1,575 2.0 Python

    Drone pentesting framework console

    

26. SaaSHub

    www.saashub.com featured

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    

Python security-tools related posts

• App Security: Common Attacks & How to Prevent Them

  1 project | dev.to | 13 Jul 2025

• Bandit: Find common security issues in Python code

  1 project | news.ycombinator.com | 28 May 2025

• 🔒 Bandit: Python Static Application Security Testing Guide

  1 project | dev.to | 23 Apr 2025

• Doge Worker's Code Supports NLRB Whistleblower

  5 projects | news.ycombinator.com | 23 Apr 2025

• Building AI Agents to Prioritize CVEs — A Google ADK Guide

  3 projects | dev.to | 23 Apr 2025

• Panic at the CVE-o-theque [video]

  1 project | news.ycombinator.com | 22 Apr 2025

• 🛡️ How to Use Bandit as a SAST Tool for Your Python App

  2 projects | dev.to | 20 Apr 2025
• A note from our sponsor - Stream
  getstream.io | 17 Jul 2025

  Stream helps developers build engaging apps that scale to millions with performant and flexible Chat, Feeds, Moderation, and Video APIs and SDKs powered by a global edge network and enterprise-grade infrastructure. Learn more →

Index

Sponsored

InfluxDB – Built for High-Performance Time Series Workloads

InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.

www.influxdata.com

Do not miss the trending Python projects with our weekly report!