Command Injection Python Packages

netshell

A lightweight HTTP CLI Shell that enables custom command injection into vulnerable web applications with a familiar shell-like interface.

sh-guard

Semantic shell command safety classifier — AST-based risk scoring for AI coding agents

wshawk

Open source toolkit for WebSocket security testing, web application penetration testing, and stateful attack validation. It combines a CLI scanner, web dashboard, Electron desktop app, browser companion, and project-backed workflows for authorized security assessments.

lfimap

Local File Inclusion discovery and exploitation tool

waymap

Advanced Web Application Security Scanner

t2i-skillguard

Security scanner for AI skill files (SKILL.md) and bundled code (scripts/, tools/). It helps you catch high-risk patterns before publishing or running a skill.