Top 23 Python Security Projects
An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.Latest mention: How to redirect an url to another url | reddit.com/r/linuxadmin | 2021-01-17
I would look into something like Squid, mitmproxy or SSLsplit, depending on just what your needs are.
Set up a personal VPN in the cloudLatest mention: Creating and automating our own wireguard VPN server/s | reddit.com/r/WireGuard | 2021-01-15
Automatic SQL injection and database takeover toolLatest mention: (ISC)² Official CISSP Tests mobile app | reddit.com/r/cissp | 2020-12-31
sqlmap does have OS detection capabilities. Official documentation:
Consolidating and extending hosts files from several well-curated sources. You can optionally pick extensions to block pornography, social media, and other categories.Latest mention: Women of reddit, do you also get 'horny singles in your area' ads, if not, what are your standard adverts? | reddit.com/r/AskReddit | 2021-01-14
Desktop/Laptop: Steven Black Hosts file + Firefox + UBO
Exploitation Framework for Embedded DevicesLatest mention: [Discussion] Anyone managed to get RouterSploit working on iOS? Or know something that works? | reddit.com/r/jailbreak | 2021-01-04
A free & open modern, fast email client with user-friendly encryption and privacy featuresLatest mention: What’s a safe email application for ios/ pc / android? | reddit.com/r/privacy | 2021-01-15
For PC : Thunderbird or Mailpile
Scapy: the Python-based interactive packet manipulation program & library. Supports Python 2 & Python 3.
Daemon to ban hosts that cause multiple authentication errors
OpenSnitch is a GNU/Linux port of the Little Snitch application firewallLatest mention: “The Great Suspender” Chrome extension maintainer is probably malicious | news.ycombinator.com | 2021-01-03
However, if you allow everything to 80/443, the extensions would still be able to connect to their servers. Maybe the browsers should add the ability to allow/deny connections per extension.
Universal Radio Hacker: Investigate Wireless Protocols Like A BossLatest mention: What is this 433MHz signal? | reddit.com/r/RTLSDR | 2020-12-22
Web path scannerLatest mention: TryHackMe's Advent of Cyber 6-8 | dev.to | 2020-10-20
The supporting material requires you to use DirSearch, a open-source python that allows you to comb through a website with a wordlist, which is also provided. Running the command takes a while, but eventually you end up with a list of pages that your tool managed to find, one of them being /sysadmin, which is the answer to the first question.
Repository for BLESS, an SSH Certificate Authority that runs as a AWS Lambda functionLatest mention: Why SSH certificates are awesome | dev.to | 2020-11-03
3. BLESS - By Netflix
Safely pass trusted data to untrusted environments and back.
A Static Analysis Tool for Detecting Security Vulnerabilities in Python Web ApplicationsLatest mention: Security Audit of 3rd Party Packages | reddit.com/r/homeassistant | 2020-12-28
https://github.com/python-security/pyt (no longer maintained, but still works).
Network recon framework.
A security tool for multithreaded information gathering and service enumeration whilst building directory structures to store results, along with writing out recommendations for further testing.Latest mention: oscp and ctf bash script fro recon help | reddit.com/r/cybersecurity | 2020-12-24
Kippo - SSH HoneypotLatest mention: desaster/kippo - Kippo - SSH Honeypot | reddit.com/r/GithubSecurityTools | 2021-01-01
Phishing Campaign Toolkit
TextAttack 🐙 is a Python framework for adversarial attacks, data augmentation, and model training in NLPLatest mention: A Visual Survey of Data Augmentation in NLP | dev.to | 2020-08-26
Libraries like nlpaug and textattack provide simple and consistent API to apply the above NLP data augmentation methods in Python. They are framework agnostic and can be easily integrated into your pipeline.
Modern, privacy-friendly, and detailed web analytics that works without cookies or JS.Latest mention: Ask HN: Who wants to be hired? (January 2021) | news.ycombinator.com | 2021-01-04
Looking for an internship/summer job/fellowship/whatever you want to call it! I have sizable development experience (at least relative to my age), so I may be able to really contribute to your team. 
Location: Stanford, CA / New York, NY (depending on pandemic situation...)
Willing to relocate: yes
Technologies: Python, Rust, JS/web stack, C, some Haskell, some Lisp, containerization and Kubernetes, general UX work, Linux/public clouds, some cryptography and networking.
Email: [email protected]
 Check out https://a17t.miles.land (a css library I built) and https://github.com/milesmcc/shynet (my open analytics tool) for samples. I also built https://lensant.com, though I'm less happy with its design.
Generate links that users can use to submit messages encrypted with your public key.
"Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events. Easily create custom event chains for Blue- & Red Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts.Latest mention: How do you improve your blue team skills? | reddit.com/r/blueteamsec | 2021-01-17
What are some of the best open-source Security projects in Python? This list will help you: