Python · security Tools

CTFd

github

CTFs as you need them

cowrie

github

Cowrie SSH/Telnet Honeypot https://docs.cowrie.org/

faraday

github

Open Source Vulnerability Management Platform

NetAlertX

github

Centralized network visibility and continuous asset discovery. Monitor devices, detect change, and stay aware across distributed networks.

Anthropic-Cybersecurity-Skills

github

754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platforms · 26 security domains · Apache 2.0

curl-impersonate

github

curl-impersonate: A special build of curl that can impersonate Chrome & Firefox

hackerone-reports

github

Top disclosed reports from HackerOne

can-i-take-over-xyz

github

"Can I take over XYZ?" — a list of services and how to claim (sub)domains with dangling DNS records.

clusterfuzz

github

Scalable fuzzing infrastructure.

AutoSploit

github

Automated Mass Exploiter

Learn-Web-Hacking

github

Study Notes For Web Hacking / Web安全学习笔记

pacu

github

The AWS exploitation framework, designed for testing the security of Amazon Web Services environments.

Nettacker

github

Automated Penetration Testing Framework - Open-Source Vulnerability Scanner - Vulnerability Management

bleachbit

github

BleachBit system cleaner for Windows and Linux

google-ctf

github

Google CTF

w3af

github

w3af: web application attack and audit framework, the open source web vulnerability scanner.

drozer

github

The Leading Security Assessment Framework for Android.

security_monkey

github

Security Monkey monitors AWS, GCP, OpenStack, and GitHub orgs for assets and their changes over time.

mythril

github

Mythril is a symbolic-execution-based securty analysis tool for EVM bytecode. It detects security vulnerabilities in smart contracts built for Ethereum and other EVM-compatible blockchains.

ssh-audit

github

SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

knockpy

github

Knock Subdomain Scan

ciso-assistant-community

github

CISO Assistant is a one-stop-shop GRC platform for Risk Management, AppSec, Compliance & Audit, TPRM, Privacy, and Reporting. It supports 130+ global frameworks with automatic control mapping, including ISO 27001, NIST CSF, SOC 2, CIS, PCI DSS, NIS2, DORA, GDPR, HIPAA, CMMC, and more.

manticore

github

Symbolic execution tool

pocsuite3

github

pocsuite3 is an open-sourced remote vulnerability testing framework developed by the Knownsec 404 Team.