PyRank
  • Insights
  • PyPI
  • GitHub
  • Search
  • Compare
  • Advisories
  • Ecosystem
  • About

Appsec Python Packages

Python packages with the GitHub topic appsec. Sorted by relevance, with stars and monthly downloads.
Kylmakalle
devicecheck

Reduce fraudulent use of your services by managing device state and asserting app integrity via Apple DeviceCheck API with this Python wrapper.

509K 34 5
ajinabraham
libsast

Generic SAST Library

357K 138 22
ajinabraham
njsscan

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

157K 435 106
MobSF
mobsfscan

mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.

133K 766 121
sqlmapproject
sqlmap

Automatic SQL injection and database takeover tool

67K 38K 6K
duriantaco
ca9

CA9 is a local evidence engine for Python AppSec triage. It sits after scanners and before engineers waste time, proving which findings matter.

60K 5 0
blacklanternsecurity
badsecrets

A library for detecting known secrets across many web frameworks

33K 805 81
maurosoria
dirsearch

Web path scanner

30K 14K 2K
infamousjoeg
pyaim

@CyberArk Application Access Manager Client Library for Python 3

9K 29 6
NuGuardAI
nuguard

opensource repo for NuGuard

8K 10 3
openziti
openziti

Ziti SDK for Python

7K 95 8
lucashgrifoni
oss-policy-kit

Policy-as-code starter kit for OSS repository governance and CI/CD hygiene across GitHub, Azure, and AWS.

6K 3 1
gusta-ve
deadwood-sec

A self-hosted, leveled web-security range (tutorial → impossible) — the practice town for wraith & hickok. Intentionally vulnerable; localhost only.

5K 0 0
apisec-inc
apisec-ai-surface

Find and govern AI attack surfaces in application code at PR time. Free, OSS, runs offline.

3K 44 8
infobyte
faradaysec

Open Source Vulnerability Management Platform

3K 7K 1K
IncludeSecurity
safeurl-python

Python implementation of SafeURL (Anti-SSRF Lib)

3K 11 4
bluerock-io
bluerock-oss

Runtime visibility for Python MCP servers. Captures tool calls, session lifecycle, module imports (SHA-256), and subprocess execution as structured NDJSON. No code changes.

3K 32 5
nocomplexity
codeaudit

Codeaudit - Modern Python source code security analyzer based on distrust.

2K 43 1
squid-protocol
gitgalaxy

An AST-free, LLM-free heuristic knowledge graph engine for deep repository intelligence. Map, secure, and modernize enterprise codebases across 50+ languages at extreme velocity

2K 45 2
deglyph-re
deglyph

A terminal tool for reading native binaries, also scans for secrets and CVEs in CI.

2K 0 0
ronaldgosso
sentinel-scanner

Sentinel is a developer-first CLI tool that finds security vulnerabilities in Python projects and provides AI-powered fixes - all in an interactive terminal dashboard.

2K 0 0
lucashgrifoni
secure-sdlc-evidence-collector

CLI-first tool to collect, normalize, evaluate and bundle Secure SDLC evidence per release.

2K 0 0
thedevappsecguy
argus-agent

Agentic threat modeling workflow using Google ADK to turn PRDs, design docs, and RFCs into STRIDE-categorized, OWASP-rated threat model reports.

1K 0 0
F5-Labs
cryptonice

Perform TLS scan of a domain

1K 101 22
    • Data from PyPI, GitHub, ClickHouse, and BigQuery