Python Vulnerabilities

Open-source Python projects categorized as Vulnerabilities | Edit details

Top 10 Python Vulnerability Projects

  • clusterfuzz

    Scalable fuzzing infrastructure.

    Project mention: ClusterFuzz is a scalable fuzzing infrastructure | news.ycombinator.com | 2022-04-25
  • kube-hunter

    Hunt for security weaknesses in Kubernetes clusters

    Project mention: kube-hunter :: K8's Security | dev.to | 2022-01-20

    git clone https://github.com/aquasecurity/kube-hunter.git cd ./kube-hunter pip install -r requirements.txt python3 kube_hunter

  • Scout APM

    Less time debugging, more time building. Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

  • anchore-engine

    A service that analyzes docker images and applies user-defined acceptance policies to allow automated container image validation and certification

    Project mention: How to Secure Your Kubernetes Clusters With Best Practices | dev.to | 2021-12-02

    Enable container image scanning in your CI/CD phase to catch known vulnerabilities using tools like clair or Anchore.

  • rapidscan

    :new: The Multi-Tool Web Vulnerability Scanner.

    Project mention: 10 Security tips to protect your website | dev.to | 2022-03-08

    Doing pentesting plays another important role in terms of security.There are a handful of open source available out there to help you.If you are running linux I previously wrote a blog about how to get kali tools on ubuntu based distros, you can follow that to get those tools.There is something called RapidScan.You can use it to scan your site for vulnerabilities.

  • opencve

    CVE Alerting Platform

    Project mention: Is there an open source project for the firewalls advisories | reddit.com/r/cybersecurity | 2022-05-09
  • dagda

    a tool to perform static analysis of known vulnerabilities, trojans, viruses, malware & other malicious threats in docker images/containers and to monitor the docker daemon and running docker containers for detecting anomalous activities

    Project mention: 2 Widespread Attacks on Your Containerized Environment and 7 Rules to Prevent it. | dev.to | 2021-07-23

    Dagda uses a static analysis approach to find viruses, malware, and fake sub-images and trojans. It is based on Red Hat Security Advisories (RHSA) libraries of existing vulnerabilities databases.

  • PocOrExp_in_Github

    聚合Github上已有的Poc或者Exp,CVE信息来自CVE官网。Auto Collect Poc Or Exp from Github by CVE ID.

    Project mention: List of public collections of PoCs on github to learn from 🍻🇺🇸❤ | reddit.com/r/hacking | 2021-12-16
  • SonarLint

    Deliver Cleaner and Safer Code - Right in Your IDE of Choice!. SonarLint is a free and open source IDE extension that identifies and catches bugs and vulnerabilities as you code, directly in the IDE. Install from your favorite IDE marketplace today.

  • vulnix

    Vulnerability (CVE) scanner for Nix/NixOS.

    Project mention: What Are Your Most Used Self Hosted Applications? | news.ycombinator.com | 2022-05-04

    Initially I spent a lot of time as I used it as an opportunity to learn Nix/NixOS. I used Nix intentionally as it's a rolling release and also it's declarative and intended for reproducible deployments, so I don't need to deal with an OS like Ubuntu that slowly gets crufty and out of date and needs a clean-up or upgrade or complete re-install. And if I do need to re-install, it should be mostly a one-liner.

    For security there are these scanners:

    https://github.com/flyingcircusio/vulnix

    https://github.com/andir/nix-vulnerability-scanner

    I also run all services in docker and my network uses VLANs behind an OPNSense firewall. I use Wireguard as a pinch point into my network to access most services. So I'm not too worried about the security aspect.

    Upgrading on Nix is pretty easy - just bump your lock file and it will get the latest packages, assuming you are on the unstable channel. But unstable does break on occasion. You an also use the latest stable release of Nix and selectively choose unstable packages, which is probably the way to go. I rarely need to fix anything - it's pretty stable. It only starts eating time when I want to add or upgrade some element to the system, but I always make sure to never do any action that isn't captured in Nix config and backed up, so that I don't have to come back and figure out what exactly I did or how something works again. It's been fine. Nix has a pretty steep learning curve, but considering its power, I think it's absolutely worth it.

  • deadshot

    Deadshot is a Github pull request scanner to identify sensitive data being committed to a repository

  • ochrona-cli

    A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs

    Project mention: ochrona-cli: CLI para detectar vulnerabilidades en las dependencias de Python 🤨 | reddit.com/r/u_esgeeks | 2021-10-25
NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-05-09.

Python Vulnerabilities related posts

Index

What are some of the best open-source Vulnerability projects in Python? This list will help you:

Project Stars
1 clusterfuzz 4,744
2 kube-hunter 3,682
3 anchore-engine 1,448
4 rapidscan 1,165
5 opencve 1,056
6 dagda 964
7 PocOrExp_in_Github 403
8 vulnix 225
9 deadshot 178
10 ochrona-cli 43
Find remote jobs at our new job board 99remotejobs.com. There are 7 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com