Python Vulnerability

Open-source Python projects categorized as Vulnerability

Top 23 Python Vulnerability Projects

  • PayloadsAllTheThings

    A list of useful payloads and bypass for Web Application Security and Pentest/CTF

    Project mention: Becoming a security researcher. Help with a realistic timeline? | | 2023-05-17

    - -

  • faraday

    Open Source Vulnerability Management Platform (by infobyte)

    Project mention: Penetration Testing Report | | 2022-12-20

    or you can also use our open source version:

  • Sonar

    Write Clean Python Code. Always.. Sonar helps you commit clean code every time. With over 225 unique rules to find Python bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.

  • VulnWhisperer

    Create actionable data from your Vulnerability Scans


    Open source vulnerability DB and triage service.

    Project mention: Pyscan: A command-line tool to detect security issues in your python dependencies. | | 2023-05-17 its open source and even has a free API with almost all the popular languages. One of the inspirations for my project.

  • SIET

    Smart Install Exploitation Tool

    Project mention: seg fault when running with script | | 2022-09-20

    Im having a similar problem. Im running the cisco-siet.nse included in Other nmap (non-script) commands seem to complete as well and simply say segmentation fault at the end. I can provide more information. I'm not sure what would be helpful, this is beyond my scope of knowledge.

  • packj

    Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain

    Project mention: How to use Podman inside of a container | | 2023-04-26

    I built Packj [1] sandboxing for securing “pip/NPM install”. It uses strace for sandboxing and blocks access to sensitive files and limits traffic to known-good IP addresses.


  • Telegram-Trilateration

    Proof of concept for abusing Telegram's "People Near Me" feature and tracking people's location


    ONLYOFFICE Docs — document collaboration in your environment. Powerful document editing and collaboration in your app or environment. Ultimate security, API and 30+ ready connectors, SaaS or on-premises

  • vulnerablecode

    A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet for Chat at Docs at

    Project mention: SBOM with | | 2022-11-15

    $ git clone $ cd vulnerablecode $ make envfile $ docker-compose build

  • vulnix

    Vulnerability (CVE) scanner for Nix/NixOS.

    Project mention: Is NixOS a thing? | | 2022-11-09

    it is very easy to scan your entire dependency tree for known vulnerabilities for Nix, all the way up to a whole OS

  • phpvuln

    🕸️ Audit tool to find common vulnerabilities in PHP source code

  • cyberowl

    A daily updated summary of the most frequent types of security incidents currently being reported from different sources.

    Project mention: Promote your business, week of May 15, 2023 | | 2023-05-15
  • PoC-CVE-2022-30190

    POC CVE-2022-30190 : CVE 0-day MS Offic RCE aka msdt follina

    Project mention: Zero-Click MS Office RCE Proof of Concept (MSDT Follina) | | 2022-06-01
  • dheater

    D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.

  • gvm-tools

    Remote control your Greenbone Community Edition or Greenbone Enterprise Appliance

    Project mention: Help propose modification to function | | 2022-11-24

    Greenbone vulnerability scanner. Script to create scan targets from a file with list of hosts (link to script)

  • ShellShockHunter

    It's a simple tool for test vulnerability shellshock

  • turing-machine

    A Python program implementing and exploiting the Minsky Turing machine considered in the paper "Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine" as per CVE-2021-32471 (

  • nsa-codebreaker-2020

    My solutions to the 2020 NSA Codebreaker Challenge

  • bitcoin-recover-privkey

    Proof of concept of bitcoin private key recovery using weak ECDSA signatures

    Project mention: Are old wallet addresses reusable even if the address changes after a while? | | 2022-07-16
  • nvdlib

    A simple wrapper for the National Vulnerability CVE/CPE API

  • dp_cryptomg

    Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.

    Project mention: Telerik Revist - New Exploit Tool | | 2022-10-19
  • OrgASM

    A tool for Oragnized ASM (Attack Surface Mapper). Subdomains enumeration, IPs scans, Vulnerability assesment...

    Project mention: New Attack Surface Discovery tool : OrgASM | | 2023-05-31
  • wpsec-cli

    WPSec command line tool

    Project mention: How to test security of my website | | 2023-04-16


  • Heartbleed

    Heartbleed vulnerability exploited 🩸

  • CodiumAI

    TestGPT | Generating meaningful tests for busy devs. Get non-trivial tests (and trivial, too!) suggested right inside your IDE, so you can code smart, create more value, and stay confident when you push.

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2023-05-31.

Python Vulnerability related posts


What are some of the best open-source Vulnerability projects in Python? This list will help you:

Project Stars
1 PayloadsAllTheThings 47,941
2 faraday 3,950
3 VulnWhisperer 1,300
4 1,126
5 SIET 527
6 packj 518
7 Telegram-Trilateration 485
8 vulnerablecode 338
9 vulnix 307
10 phpvuln 275
11 cyberowl 219
12 PoC-CVE-2022-30190 147
13 dheater 145
14 gvm-tools 143
15 ShellShockHunter 91
16 turing-machine 74
17 nsa-codebreaker-2020 71
18 bitcoin-recover-privkey 63
19 nvdlib 46
20 dp_cryptomg 38
21 OrgASM 8
22 wpsec-cli 8
23 Heartbleed 6
Access the most powerful time series database as a service
Ingest, store, & analyze all types of time series data in a fully-managed, purpose-built database. Keep data forever with low-cost storage and superior data compression.