PyRank
  • Insights
  • PyPI
  • GitHub
  • Search
  • Compare
  • Advisories
  • Ecosystem
  • About

Bug Bounty Python Packages

Python packages with the GitHub topic bug-bounty. Sorted by relevance, with stars and monthly downloads.
maurosoria
dirsearch

Web path scanner

30K 14K 2K
nikitastupin
clairvoyance

Obtain GraphQL API schema even if the introspection is disabled

7K 1K 134
SphericalFlower52811
endpointscanner

Website endpoint recon tool and rate limit tester that can bypass simple captchas and WAFs.

6K 3 1
0xSteph
ptai

Offensive-security MCP server with 205 wrapped tools, 17 specialist agents, and 60 SPA-aware probes for OWASP Top 10. CLI + MCP, BYO LLM. No API key needed on MCP path.

6K 1K 242
infohlaingbwar
d0rk3r

Shodan IP scraper with auto-proxy rotation. No API key needed. Perfect for OSINT, bug bounty & pentesting.

5K 0 0
getphantomsignal
phantomsignal

Open-source OSINT intelligence framework — nmap-powered port scanning with OS detection, rich CLI panels, DNS recon, tech fingerprinting, 30+ threat intel APIs, Shadow Profiler, and cyberpunk web UI. pip install phantomsignal

3K 1 0
rly0nheart
buganize

Python client for the Google Issue Tracking system (Buganizer)

2K 1 2
0xbartita
h1-asset-fetcher

Fetch, download, and decompile Android/iOS/Exe assets from HackerOne bug bounty programs

2K 40 10
rozmiarD
ravenclaw-security

Governance-first security research runtime with policy-gated execution and public-safe proof artifacts

1K 4 0
prasant-paudel
nuclipy

A simple template based vulnerability scanner in python (Inspired by ProjectDiscovery's Nuclei)

738 6 0
FrancescoStabile
numasec

The AI Agent for Cyber Security.

658 416 48
Wh1t3Fox
tempor

Quick and Easy Infrastructure.

654 12 1
ASafarzadeh
subfind3r

Subdomains enumeration tool for penetration testers

653 11 1
regaan
wshawk

Open source toolkit for WebSocket security testing, web application penetration testing, and stateful attack validation. It combines a CLI scanner, web dashboard, Electron desktop app, browser companion, and project-backed workflows for authorized security assessments.

600 8 1
ISMAILGAMAL
apkshadow

Android APK automation tool for bug bounty hunters created to help me do some stuff faster

572 1 0
EPTLLC
brs-xss

MIT license BRS-XSS is a modular Python CLI scanner for XSS vulnerabilities. Features context-aware payloads, WAF evasion, DOM analysis via Playwright, ML-based risk scoring, and export in HTML/JSON/SARIF. Designed for integration with Brabus Recon Suite (BRS).

534 33 5
0xHJK
dumpall

一款信息泄漏利用工具,适用于.git/.svn/.DS_Store泄漏和目录列出

507 2K 151
alonebeast002
beastcrypt

Wayback Hunter + JS Secret Scanner — by ALONE BEAST

491 0 0
VTX-Labs
vtx-recon

Authorized-use secret-intelligence suite: find -> verify -> capability ladder -> PROVEN/VALID/DENIED impact tiering -> court-ready evidence bundle. Built on top of TruffleHog.

479 1 0
ivan-sincek
bot-safe-agents

A library for fetching a list of bot-safe user agents.

453 5 0
sgmurphy
noisegate

A policy-aware AI triage assistant that evaluates bug bounty report quality, scope alignment, and impact—so researchers submit better reports and triagers focus on real vulnerabilities.

441 3 1
DonAsako
cssinj

A python tool to exploit CSS injection vulnerabilities to exfiltrate sensitive information from web applications.

433 3 0
Baba01hacker666
gitsnatcher

Professional .git repository reconstructor and extractor

383 0 0
EPTLLC
brs-kb

BRS-KB is XSS Knowledge Base API

348 0 1
    • Data from PyPI, GitHub, ClickHouse, and BigQuery