PyRank
  • Insights
  • PyPI
  • GitHub
  • Search
  • Compare
  • Advisories
  • Ecosystem
  • About

Pentesting Python Packages

Python packages with the GitHub topic pentesting. Sorted by relevance, with stars and monthly downloads.
androguard
androguard

Reverse engineering and pentesting for Android applications

2M 6K 1K
MichaelTatarski
fake-http-header

A python package to generate random request fields for a http header.

627K 44 2
sherlock-project
sherlock-project

Hunt down social media accounts by username across social networks

169K 86K 10K
soxoj
maigret

๐Ÿ•ต๏ธโ€โ™‚๏ธ Collect a dossier on a person by username from 3000+ sites

112K 35K 3K
Paradoxis
flask-unsign

Command line tool to fetch, decode, brute-force and craft session cookies of a Flask application by guessing secret keys.

101K 652 47
blacklanternsecurity
bbot

The recursive internet scanner for hackers. ๐Ÿงก

75K 10K 872
sqlmapproject
sqlmap

Automatic SQL injection and database takeover tool

67K 38K 6K
blacklanternsecurity
radixtarget

RadixTarget is a performant radix implementation designed for quick lookups of IP addresses/networks and DNS hostnames.

51K 11 2
mBouamama
myjwt

A cli for cracking, testing vulnerabilities on Json Web Token(JWT)

51K 137 19
Ciphey
ciphey

โšก Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes โšก

43K 21K 1K
maurosoria
dirsearch

Web path scanner

30K 14K 2K
Paradoxis
flask-unsign-wordlist

The following package is the standalone wordlist-only component to flask-unsign.

23K 44 13
PurpleAILAB
decepticon

Autonomous Hacking Agent for Red Team

14K 5K 890
PurpleAILAB
decepticon-sdk

Autonomous Hacking Agent for Red Team

14K 5K 890
dalisecurity
fray

Open-source WAF Security Testing Platform โ€” 7,200+ attack payloads, 98 WAF/CDN fingerprints, AI-powered bypass engine, recon pipeline, beautiful CLI output

13K 50 4
PurpleAILAB
decepticon-core

Autonomous Hacking Agent for Red Team

13K 5K 890
qeeqbox
social-analyzer

API, CLI, and Web App for analyzing and finding a person's profile in 1000 social media \ websites

10K 23K 2K
Jake-Schoellkopf
aicu-scanner

Black-box security scanner for LLM applications โ€” prompt injection, safety bypass, credential leakage

9K 3 0
freelabz
secator

secator - the pentester's swiss knife

8K 1K 133
0xSteph
ptai

Offensive-security MCP server with 205 wrapped tools, 17 specialist agents, and 60 SPA-aware probes for OWASP Top 10. CLI + MCP, BYO LLM. No API key needed on MCP path.

6K 1K 242
mrhenrike
embedxpl

Embedded Device Security Assessment Framework โ€” 700 modules, 350 CVEs, 55 vendors, APT Group Engine. Covers routers, IP cameras, GPON ONTs, ISP CPEs, IoT/embedded edge.

6K 22 6
infohlaingbwar
d0rk3r

Shodan IP scraper with auto-proxy rotation. No API key needed. Perfect for OSINT, bug bounty & pentesting.

5K 0 0
gurudeepmallam-cmd
mcppt

MCPTROTTER - 28 automated security checks for any MCP server

5K 0 0
ADscanPro
adscan

Active Directory pentesting tool for Linux. Automated Kerberoasting, AS-REP Roasting, ADCS/ESC exploitation, DCSync, BloodHound integration, and 40+ AD attack paths. ENS Alto / NIS2 / ISO 27001 compliance reports. No Windows required.

5K 470 50
    • Data from PyPI, GitHub, ClickHouse, and BigQuery