Top 23 Python Vulnerability Projects
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
Project mention: Becoming a security researcher. Help with a realistic timeline? | reddit.com/r/AskNetsec | 2023-05-17
- https://github.com/swisskyrepo/PayloadsAllTheThings
- https://book.hacktricks.xyz/welcome/readme
Open Source Vulnerability Management Platform (by infobyte)
Project mention: Penetration Testing Report | reddit.com/r/Pentesting | 2022-12-20
or you can also use our open source version: https://github.com/infobyte/faraday
Create actionable data from your Vulnerability Scans
Open source vulnerability DB and triage service.
Project mention: Pyscan: A command-line tool to detect security issues in your python dependencies. | reddit.com/r/Python | 2023-05-17
https://osv.dev it's open source and even has a free API with almost all the popular languages. One of the inspirations for my project.
Smart Install Exploitation Tool
Project mention: seg fault when running with script | reddit.com/r/nmap | 2022-09-20
I'm having a similar problem. I'm running the cisco-siet.nse included in https://github.com/frostbits-security/SIET.git. Other nmap (non-script) commands seem to complete as well and simply say segmentation fault at the end. I can provide more information. I'm not sure what would be helpful, this is beyond my scope of knowledge.
Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain
Project mention: How to use Podman inside of a container | news.ycombinator.com | 2023-04-26
I built Packj sandboxing for securing “pip/NPM install”. It uses strace for sandboxing and blocks access to sensitive files and limits traffic to known-good IP addresses.
Proof of concept for abusing Telegram's "People Near Me" feature and tracking people's location
A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/
Project mention: SBOM with VulnerableCode.io | dev.to | 2022-11-15
$ git clone https://github.com/nexB/vulnerablecode.git
$ cd vulnerablecode
$ make envfile
$ docker-compose build
Vulnerability (CVE) scanner for Nix/NixOS.
Project mention: Is NixOS a thing? | reddit.com/r/devops | 2022-11-09
it is very easy to scan your entire dependency tree for known vulnerabilities for Nix, all the way up to a whole OS
🕸️ Audit tool to find common vulnerabilities in PHP source code
A daily updated summary of the most frequent types of security incidents currently being reported from different sources.
Project mention: Promote your business, week of May 15, 2023 | reddit.com/r/smallbusiness | 2023-05-15
POC CVE-2022-30190 : CVE 0-day MS Office RCE aka msdt follina
Project mention: Zero-Click MS Office RCE Proof of Concept (MSDT Follina) | news.ycombinator.com | 2022-06-01
D(HE)ater is a proof of concept implementation of the D(HE)at attack (CVE-2002-20001) through which denial-of-service can be performed by enforcing the Diffie-Hellman key exchange.
Remote control your Greenbone Community Edition or Greenbone Enterprise Appliance
Project mention: Help propose modification to function | reddit.com/r/Python | 2022-11-24
Greenbone vulnerability scanner. Script to create scan targets from a file with list of hosts (link to script)
It's a simple tool to test for the Shellshock vulnerability
A Python program implementing and exploiting the Minsky Turing machine considered in the paper "Intrinsic Propensity for Vulnerability in Computers? Arbitrary Code Execution in the Universal Turing Machine" as per CVE-2021-32471 (https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-32471)
My solutions to the 2020 NSA Codebreaker Challenge
Proof of concept of bitcoin private key recovery using weak ECDSA signatures
Project mention: Are old wallet addresses reusable even if the address changes after a while? | reddit.com/r/BitcoinBeginners | 2022-07-16
A simple wrapper for the National Vulnerability CVE/CPE API
Another tool for exploiting CVE-2017-9248, a cryptographic weakness in Telerik UI for ASP.NET AJAX dialog handler.
Project mention: Telerik Revist - New Exploit Tool | reddit.com/r/netsec | 2022-10-19
A tool for Organized ASM (Attack Surface Mapper). Subdomains enumeration, IPs scans, Vulnerability assessment...
Project mention: New Attack Surface Discovery tool : OrgASM | reddit.com/r/cybersecurity | 2023-05-31
WPSec command line tool
Project mention: How to test security of my website | reddit.com/r/web_design | 2023-04-16
Heartbleed vulnerability exploited 🩸
Python Vulnerability related posts
Announcing Pyscan: A dependency vulnerability scanner for python projects.
3 projects | reddit.com/r/u_aswin__ | 15 May 2023
I launched my first SaaS on ProductHunt and I don't know if I should have
1 project | reddit.com/r/SideProject | 12 May 2023
A tool that aggregates security advisories from multiple sources. You can get them by email!
1 project | reddit.com/r/cybersecurity | 12 May 2023
I built a tool that aggregates security advisories from multiple sources. You can get them by email!
1 project | reddit.com/r/netsec | 12 May 2023
Kaseya Acquired Vonahi Security
2 projects | reddit.com/r/msp | 25 Apr 2023
Show HN: TypeScript Security Scanner
2 projects | news.ycombinator.com | 12 Apr 2023
Distributed vulnerability database for Open Source
1 project | news.ycombinator.com | 3 Jan 2023
What are some of the best open-source Vulnerability projects in Python? This list will help you: