PyRank

Bug Bounty Python Packages

Python packages with the GitHub topic bug-bounty. Sorted by relevance, with stars and monthly downloads.
maurosoria
dirsearch

Web path scanner

24K 14K 2K
0xSteph
ptai

Offensive-security MCP server with 205 wrapped tools, 17 specialist agents, and 60 SPA-aware probes for OWASP Top 10. CLI + MCP, BYO LLM. No API key needed on MCP path.

7K 255 52
nikitastupin
clairvoyance

Obtain GraphQL API schema even if the introspection is disabled

6K 1K 132
alonebeast002
beastcrypt

JS & Source Map Secret Scanner - hunt exposed API keys, tokens & internal paths from live targets ☕

2K 0 0
forshaur
suk

access multiple sessions of temporary email inbox straight from your terminal. powered by temp-mail.org

2K 1 0
rly0nheart
buganize

Python client for the Google Issue Tracking system (Buganizer)

2K 1 2
Wh1t3Fox
tempor

Ephemeral Infrastructure for Dummies

1K 12 1
prasant-paudel
nuclipy

A simple template based vulnerability scanner in python (Inspired by ProjectDiscovery's Nuclei)

835 6 0
jashidsany
mcp-recon

Reconnaissance and known-issue scanner for Model Context Protocol (MCP) servers

818 0 0
FrancescoStabile
numasec

The AI Agent for Cyber Security.

813 360 45
bonifield
ipv4mutate

performs various mutations on IPv4 addresses, such as converting to binary, hex, octal, urlencoded, and more

601 3 0
0xHJK
dumpall

一款信息泄漏利用工具,适用于.git/.svn/.DS_Store泄漏和目录列出

541 2K 150
DonAsako
cssinj

A python tools to exploits CSS injection vulnerabilities to exfiltrate sensitive information from web applications.

536 3 0
ivan-sincek
bot-safe-agents

A library for fetching a list of bot-safe user agents.

512 4 0
EPTLLC
brs-xss

Context-aware async XSS scanner powered by BRS-KB

485 34 5
regaan
wshawk

Open source toolkit for WebSocket security testing, web application penetration testing, and stateful attack validation. It combines a CLI scanner, web dashboard, Electron desktop app, browser companion, and project-backed workflows for authorized security assessments.

484 7 1
ISMAILGAMAL
apkshadow

Android APK automation tool for bug bounty

430 1 0
nikitastupin
clairvoyancenext

Obtain GraphQL API Schema even if the introspection is not enabled

400 1K 132
ASafarzadeh
subfind3r

An improved version of Sublist3r, a python based Fast subdomains enumeration tool for penetration testers

381 11 1
sgmurphy
noisegate

A policy-aware AI triage assistant that evaluates bug bounty report quality, scope alignment, and impact—so researchers submit better reports and triagers focus on real vulnerabilities.

362 3 1
ivan-sincek
forbidden

Bypass 4xx HTTP response status codes and more. The tool is based on Python Requests, PycURL, and HTTP Client.

340 255 48
EPTLLC
brs-kb

XSS Knowledge Base — 4900+ Payloads, 169 Contexts, WAF Bypasses, Zero Dependencies

303 0 1
mrdebugger
stripe-inspector

Security research tool for Stripe API key enumeration and inspection

278 4 0
richardschwabe
jsfinder2

Find subdomains and urls in Javascript files

252 3 0