Open Source Python Security Software - Page 4
Sort By:
Python Security Software
View 5809 business solutionsBrowse free open source Python Security Software and projects below. Use the toggles on the left to filter open source Python Security Software by OS, license, language, programming language, and project status.
-
MongoDB Atlas runs apps anywhereMongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
-
ContractSafe: Contract Management SoftwareDitch those spreadsheets, shared drives & crazy-expensive solutions with too many bells & whistles. ContractSafe offers the simplest way to manage your contracts efficiently without breaking the bank.
-
1
Photon
Incredibly fast crawler designed for OSINT
Photon is an extremely fast web crawler built specifically for OSINT and reconnaissance use cases. It is designed to extract URLs, endpoints, files, and other intelligence artifacts from target websites with minimal overhead. The crawler prioritizes speed and breadth, making it suitable for mapping web attack surfaces and discovering hidden resources. Photon is commonly used during early reconnaissance phases to build a comprehensive inventory of reachable assets. Its Python implementation makes it accessible for customization and integration into larger automation frameworks. Despite its speed focus, the tool still provides useful filtering and extraction capabilities for analysts who need structured results. Overall, Photon functions as a lightweight yet powerful reconnaissance spider for web intelligence gathering. -
2
SIPVicious
Security tools that can be used to audit SIP based VoIP systems
SIPVicious OSS has been around since 2007 and is actively updated to help security teams, QA and developers test SIP-based VoIP systems and applications. Open-source security suite for auditing SIP based VoIP systems. Also known as friendly-scanner, it is freely available to help pentesters, security teams and developers quickly test their SIP systems. Download the latest source code from git or the latest release, send pull requests and open issues. Install the latest and greatest release using pip3 install sipvicious or follow the instructions for further options. Available on any platform that supports Python 3. Made a change to your phone system or SIP router? Test it automatically using SIPVicious OSS to perform a smoke test for security robustness. The next generation is SIPVicious PRO, a complete new code base and overhaul of the concepts found in SIPVicious OSS. As a toolset it includes more and targets RTC. -
3
WhatBreach
OSINT tool for discovering email addresses in known data breaches
WhatBreach is an open source OSINT (Open Source Intelligence) tool designed to help users discover whether an email address has appeared in known data breaches. It simplifies the process of investigating compromised credentials by allowing users to search for a single email address or analyze multiple email addresses at once. It gathers breach information from various sources and APIs to identify where the email has been exposed in leaked databases or online paste sites. Once breaches are discovered, WhatBreach can provide additional context such as the databases associated with those leaks and any related paste dumps containing the email address. If the breach databases are publicly available, the tool can attempt to download them for further analysis. It also supports deeper investigation of email domains and related profiles, making it useful for researchers, security analysts, and penetration testers conducting reconnaissance or breach analysis. -
4
theZoo
A repository of LIVE malwares for malware analysis and security
theZoo is a project created to make the possibility of malware analysis open and available to the public. Since we have found out that almost all versions of malware are very hard to come by in a way which will allow analysis, we have decided to gather all of them for you in an accessible and safe way. theZoo was born by Yuval tisf Nativ and is now maintained by Shahak Shalev. theZoo’s purpose is to allow the study of malware and enable people who are interested in malware analysis (or maybe even as a part of their job) to have access to live malware, analyse the ways they operate, and maybe even enable advanced and savvy people to block specific malware within their own environment. Please remember that these are live and dangerous malware! They come encrypted and locked for a reason! Do NOT run them unless you are absolutely sure of what you are doing! They are to be used only for educational purposes. -
Get full visibility and control over your tasks and projects with Wrike.Wrike offers world-class features that empower cross-functional, distributed, or growing teams take their projects from the initial request stage all the way to tracking work progress and reporting results.
-
5
pyscard is a python module adding smart cards support (PC/SC) to python.
-
6
garysfm
An advanced file manager with qss themes and iso and folder previews
garysfm which stands for Gary's File Manager is a file manager with some advanced features. Those features include bulk renaming and folder image previews. I has rather advanced search functions, tab browsing with persistence between launches. It remembers your folder sorting and view options in icon view. It also remembers your active tabs between sessions. It has progress dialog while doing large operations like copying large files, and folders with many files. python version works on mac 11.0.1 or above and on Linux. The exe definitely works on Windows 11 and 10 amd and intel 64 bit systems. the exe is not for arm systems. Full theming engine with qss support for advanced theming in 1.2.4 To use themes other than the default download gsfmt.zip, and qss.zip and extract them to the directory where your garysfm is located. (version 1.2.3 and above for gsfmt and 1.2.4 and above for qss.) 1.2.9 has cloud syncing, bookmarks, tags, and collections, and cleaner -
7
CTFd
CTFs as you need them
CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it's easy to customize with plugins and themes. Create your own challenges, categories, hints, and flags from the Admin Interface. Dynamic Scoring Challenges. Unlockable challenge support. Challenge plugin architecture to create your own custom challenges. Static & Regex-based flags. Custom flag plugins. Unlockable hints. File uploads to the server or an Amazon S3-compatible backend. Limit challenge attempts & hide challenges. Automatic bruteforce protection. Individual and Team-based competitions. Have users play on their own or form teams to play together. Scoreboard with automatic tie resolution. Hide Scores from the public. Freeze Scores at a specific time. Scoregraphs comparing the top 10 teams and team progress graphs. Markdown content management system. SMTP + Mailgun email support. Email confirmation support. Forgot password support. -
8
ClusterFuzz
Scalable fuzzing infrastructure
ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software. Google uses ClusterFuzz to fuzz all Google products and as the fuzzing backend for OSS-Fuzz. ClusterFuzz provides many features which help seamlessly integrate fuzzing into a software project's development process. Can run on any size cluster (e.g. OSS-Fuzz instance runs on 100,000 VMs). Fully automatic bug filing, triage and closing for various issue trackers (e.g. Monorail, Jira). Supports multiple coverage guided fuzzing engines (libFuzzer, AFL, AFL++ and Honggfuzz) for optimal results (with ensemble fuzzing and fuzzing strategies). Statistics for analyzing fuzzer performance, and crash rates. Easy to use web interface for management and viewing crashes. Support for various authentication providers using Firebase. -
9
GTFOBins
GTFOBins is a curated list of Unix binaries
GTFOBins is a curated catalog of Unix / POSIX system binaries and how they can be misused to bypass restrictions, escalate privileges, exfiltrate data, spawn shells, or otherwise act as “living off the land” tools in a compromised environment. It collects documented techniques for how everyday binaries (e.g. awk, bash, tar, scp) can be abused under constrained conditions. Indexed list of Unix binaries and documented misuse techniques. Examples of command invocations to exploit misconfigurations. Scenarios for privilege escalation, file transfer, and process spawning. Community contributions to add or refine binary techniques. -
The #1 solution for profitable resource managementUnlike spreadsheets or clunky PSAs, Float offers a clear, centralized view to schedule teams, plan capacity, estimate work, and track margins in real-time so that you can keep your people and profits on track.
-
10
Impacket
A collection of Python classes for working with network protocols
Impacket is a collection of Python classes designed for working with network protocols. It was primarily created in the hopes of alleviating some of the hindrances associated with the implementation of networking protocols and stacks, and aims to speed up research and educational activities. It provides low-level programmatic access to packets, and the protocol implementation itself for some of the protocols, like SMB1-3 and MSRPC. It features several protocols, including Ethernet, IP, TCP, UDP, ICMP, IGMP, ARP, NMB and SMB1, SMB2 and SMB3 and more. Impacket's object oriented API makes it easy to work with deep hierarchies of protocols. It can construct packets from scratch, as well as parse them from raw data. -
11
Maltrail
Malicious traffic detection system
Maltrail is a malicious traffic detection system, utilizing publicly available (black)lists containing malicious and/or generally suspicious trails, along with static trails compiled from various AV reports and custom user-defined lists, where trail can be anything from domain name, URL, IP address (e.g. 185.130.5.231 for the known attacker) or HTTP User-Agent header value (e.g. sqlmap for automatic SQL injection and database takeover tool). Also, it uses (optional) advanced heuristic mechanisms that can help in the discovery of unknown threats (e.g. new malware). Sensor(s) is a standalone component running on the monitoring node (e.g. Linux platform connected passively to the SPAN/mirroring port or transparently inline on a Linux bridge) or at the standalone machine (e.g. Honeypot) where it "monitors" the passing Traffic for blacklisted items/trails (i.e. domain names, URLs and/or IPs). -
12
aws-encryption-sdk
AWS Encryption SDK
The AWS Encryption SDK is a client-side encryption library designed to make it easy for everyone to encrypt and decrypt data using industry standards and best practices. It enables you to focus on the core functionality of your application, rather than on how to best encrypt and decrypt your data. The AWS Encryption SDK is provided free of charge under the Apache 2.0 license. With the AWS Encryption SDK, you define a master key provider (Java and Python) or a keyring (C, C#/.NET, and JavaScript) that determines which wrapping keys you use to protect your data. Then you encrypt and decrypt your data using straightforward methods provided by the AWS Encryption SDK. The AWS Encryption SDK does the rest. Without the AWS Encryption SDK, you might spend more effort on building an encryption solution than on the core functionality of your application. -
13
paramspider
Mine parameterized URLs from web archives for security testing
ParamSpider is an open source command-line tool designed to discover URLs that contain parameters by mining historical data from web archives such as the Wayback Machine. It helps security researchers, penetration testers, and bug bounty hunters collect potential attack surfaces by automatically gathering archived URLs related to a specific domain. Instead of returning every discovered URL, the tool intelligently filters results to highlight parameterized endpoints that are more useful for vulnerability testing. These endpoints are commonly used during reconnaissance because parameters often expose inputs that may be vulnerable to issues like cross-site scripting, SQL injection, or server-side request forgery. ParamSpider automates the process of retrieving archived URLs, cleaning them, and preparing them for fuzzing or further probing. It can process a single domain or multiple domains from a list, making it useful for both targeted testing and large-scale reconnaissance. -
14
pwnedOrNot
Check breached emails and find exposed passwords from public dumps
pwnedOrNot is an open source OSINT tool designed to investigate whether an email address has been compromised in known data breaches and to identify exposed credentials associated with that account. The tool works by interacting with the HaveIBeenPwned (HIBP) API to determine if a given email address appears in breach databases. If the email is found in a breach, the tool proceeds to search for associated passwords within publicly available data dumps. This two-phase approach allows investigators, security professionals, and researchers to assess the exposure level of compromised accounts using publicly accessible breach information. The tool displays useful breach details such as the name of the breach, the affected domain, the breach date, and several status indicators related to the authenticity and status of the breach. pwnedOrNot can also analyze domains to determine whether they have been involved in breaches and can list all breached domains available through the HIBP database. -
15
Alerta
Alerta monitoring system
Email was not designed to be used as an alert console. It is not a scalable solution when it comes to monitoring and alert visualization. A minimal installation of Alerta can be deployed quickly and easily as monitoring requirements and confidence grow. There are integrations available with Prometheus, Riemann, Nagios, Zabbix, netdata, Sensu, Pingdom and Cloudwatch. Integrating bespoke systems is easy using the API or command-line tool. Alerts are submitted in JSON format to an HTTP API. Alerts can be queried from the command line or viewed in a slick web console optimized for desktop, tablet, and mobile. User logins can be added using Google, GitHub or GitLab OAuth and programmatic access is managed using API keys. -
16
AttackSurfaceMapper
Automated tool for mapping & expanding organization’s attack surface
AttackSurfaceMapper (ASM) is a reconnaissance and attack surface discovery tool designed to automate the process of mapping potential targets within an organization's infrastructure. It combines open source intelligence (OSINT) with selective active reconnaissance techniques to expand and analyze a target’s external attack surface. Users can supply domains, subdomains, or IP addresses as input, and applies multiple discovery methods to identify additional related assets such as new subdomains, associated IP ranges, and hosts within the same network ownership. It performs both brute-force and passive enumeration techniques to uncover infrastructure components that may not be immediately visible. After building an expanded list of targets, AttackSurfaceMapper collects intelligence such as screenshots of web applications, information about exposed services, and possible vulnerabilities identified through integrated services. It can also search for publicly exposed credentials. -
17
BlackWidow
Python web scanner for OSINT gathering and OWASP vulnerability fuzzing
BlackWidow is a Python-based web application scanning tool designed to crawl target websites and collect open-source intelligence (OSINT) while identifying potential security vulnerabilities. It functions as a web spider that systematically explores a site to gather valuable information such as URLs, dynamic parameters, subdomains, email addresses, and phone numbers associated with the target domain. By automatically extracting this data, BlackWidow helps security professionals and researchers build a clearer understanding of a website’s structure and publicly accessible information. In addition to information gathering, the project includes a built-in fuzzing component called Inject-X, which tests dynamic URLs for common vulnerabilities listed in the OWASP Top 10. The scanner analyzes parameters and injects payloads to detect issues such as SQL injection, cross-site scripting (XSS), and open redirect vulnerabilities. -
18
Buster
OSINT tool for discovering information linked to email addresses
Buster is an open source OSINT tool designed for email reconnaissance and information gathering. It helps investigators, security researchers, and penetration testers discover publicly available information related to email addresses and usernames. It can analyze an email address to identify associated social media accounts, references across the web, and potential data breaches linked to that email. It also performs reverse WHOIS lookups to discover domains that may have been registered using a specific email address. In addition to investigating existing addresses, Buster can generate possible email combinations and usernames based on personal details such as a person’s name, birthdate, or additional hints. Buster supports validating generated email addresses and retrieving contextual information about them. By combining multiple online sources and services, Buster helps automate the process of gathering intelligence related to digital identities. -
19
KubiScan
A tool to scan Kubernetes cluster for risky permissions
A tool for scanning Kubernetes cluster for risky permissions in Kubernetes's Role-based access control (RBAC) authorization model. KubiScan helps cluster administrators identify permissions that attackers could potentially exploit to compromise the clusters. This can be especially helpful on large environments where there are lots of permissions that can be challenging to track. KubiScan gathers information about risky roles\clusterroles, rolebindings\clusterrolebindings, users and pods, automating traditional manual processes and giving administrators the visibility they need to reduce risk. -
20
MozDef
MozDef: Mozilla Enterprise Defense Platform
MozDef aims to bring real-time incident response and investigation to the defensive toolkits of security operations groups in the same way that Metasploit, LAIR, and Armitage have revolutionized the capabilities of attackers. We use MozDef to ingest security events, alert us to security issues, investigate suspicious activities, handle security incidents, and visualize and categorize threat actors. The real-time capabilities allow our security personnel all over the world to work collaboratively even though we may not sit in the same room together and see changes as they occur. The integration plugins allow us to have the system automatically respond to attacks in a preplanned fashion to mitigate threats as they occur. -
21
OnionSearch
Search multiple Tor .onion engines at once and collect hidden links.
OnionSearch is a Python-based command-line tool designed to collect and aggregate links from multiple search engines on the Tor network. The script works by scraping results from a variety of .onion search services, allowing users to perform a single query while gathering results from many sources at once. This approach helps researchers and investigators locate hidden services more efficiently without manually querying each individual search engine. It is primarily intended for educational use and open-source intelligence (OSINT) research involving the Tor network. OnionSearch supports multiple engines and can combine results into a single output, making it easier to analyze discovered onion links. It also offers flexible command-line options that allow users to limit results, choose which engines to query, and export collected data. By automating searches across several dark web search engines, OnionSearch simplifies the process of discovering information on hidden services. -
22
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience and research from our countless prior AWS red team engagements. Automating components of the assessment not only improves efficiency but also allows our assessment team to be much more thorough in large environments. What used to take days to manually enumerate can be now be achieved in minutes. There are currently over 35 modules that range from reconnaissance, persistence, privilege escalation, enumeration, data exfiltration, log manipulation, and miscellaneous general exploitation. -
23
pass import
A pass extension for importing data from most existing password
A pass extension for importing data from most existing password managers. Password management should be simple and follow Unix philosophy. With pass, each password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password. These encrypted files may be organized into meaningful folder hierarchies, copied from computer to computer, and, in general, manipulated using standard command line file management utilities. -
24
reNgine
Automated framework for web application reconnaissance and scanning
reNgine is an automated reconnaissance framework designed to simplify and enhance the process of gathering information about web applications during security assessments. It provides a streamlined workflow for penetration testers, bug bounty hunters, and security teams who need to perform reconnaissance efficiently and at scale. The platform integrates multiple open-source reconnaissance tools into a unified environment with a configurable scanning engine and an intuitive web interface. reNgine focuses on improving traditional reconnaissance workflows by organizing collected data in a database and correlating results to make them easier to analyze. This approach helps security professionals avoid manually searching through scattered files and instead work with structured, searchable reconnaissance data. The framework supports continuous monitoring of targets and can automatically notify users about newly discovered assets or vulnerabilities. -
25
wifi-password
Quickly fetch your WiFi password and generate a QR code of your WiFi
Quickly fetch your WiFi password and if needed, generate a QR code of your WiFi to allow phones to easily connect. Works on macOS and Linux, Windows.
