PyRank
  • Insights
  • PyPI
  • GitHub
  • Search
  • Compare
  • Advisories
  • Ecosystem
  • About

Security Scanner Python Packages

Python packages with the GitHub topic security-scanner. Sorted by relevance, with stars and monthly downloads.
PyCQA
bandit

Bandit is a tool designed to find common security issues in Python code.

26.5M 8K 788
nyudenkov
pysentry-rs

🐍 Scan your Python dependencies for known security vulnerabilities with Rust-powered scanner

116K 245 8
tmatens
compose-lint

Security-focused linter for Docker Compose files. Catches dangerous misconfigurations before they reach production. Grounded in OWASP and CIS Docker Benchmark.

29K 2 0
Ostorlab
ostorlab

OXO is a security scanning orchestrator for the modern age.

28K 573 60
gautamvarmadatla
mcpsafetywarden

MCP servers expose tools with no information about what they actually do at runtime. mcpsafetywarden sits between your agent and any MCP server, profiling tool behavior, blocking destructive calls, and running active security audits before you trust them in a workflow.

15K 7 1
msaad00
agent-bom

AI supply-chain & cloud security scanner and self-hosted control plane — agents, MCP, packages, cloud estate, non-human identities, and LLM cost. SBOM/SARIF, graph attack-paths, runtime enforcement, and compliance evidence.

13K 25 7
sunglasses-dev
sunglasses

Sunglasses for AI agents. Protection layer + neighborhood watch.

9K 3 2
iteratec
kcwarden

Automatically audit your Keycloak configuration for security issues

8K 124 10
cpeoples
ansible-security-scanner

🛡️ Static security scanner (SAST) for Ansible playbooks, roles, and collections. 1,000+ rules across 30+ categories detecting malicious code, RCE, hardcoded credentials, and supply-chain risk. Outputs SARIF, CycloneDX SBOM, and GitLab SAST. SLSA Build Level 3, Sigstore-signed.

8K 7 0
dockfixlabs
dfx-agentguard

Autonomous security scanner for AI agents - detects prompt injection, tool abuse, data exfiltration, and all 10 OWASP ASI Top 10 vulnerabilities. MCP server mode included.

6K 1 0
dmuhs
pythx

A Python library for the MythX smart contract security analysis platform

6K 31 8
dmartinochoa
pipeline-check

CI/CD Security Posture Scanner

6K 7 1
Moonsehwan
aina-scan

Enterprise SAST — Python/Java/C/C++/TypeScript/C#/Go/Rust — tree-sitter AST, 7-language support, interprocedural taint (3-hop BFS), AINA L3 causal chains, i18n (en/ko), 6-report output

5K 2 0
sanmaxdev
sentineldeck

Passive attack-surface scanner: turn a domain into a risk grade, copy-paste fixes, and a client-ready report. Safe DNS, HTTP, TLS, email, and certificate-transparency checks.

5K 27 13
mattybellx
ansede-static

Offline SAST that detects IDOR, missing authentication, and ownership bypass. OWASP recall 62%, CVE recall 96.3% across 5 languages. Beats Semgrep OSS on recall.

5K 9 0
godaddy
tartufo

Searches through git repositories for high entropy strings and secrets, digging deep into commit history

5K 514 72
MegaManSec
gixy-next

Gixy-Next: NGINX Configuration Security Scanner & Performance Checker

4K 182 4
apisec-inc
apisec-ai-surface

Find and govern AI attack surfaces in application code at PR time. Free, OSS, runs offline.

3K 44 8
sattyamjjain
agent-audit-kit

Static scanner for MCP-connected AI agent pipelines — 225 rules across 11 categories, 12 compliance frameworks, OWASP Agentic 10/10 + MCP 10/10, GitHub Action, SARIF, public CVE-to-rule ledger.

3K 9 0
Defend-AI-Tech-Inc
agent-discover-scanner

The industry-standard Agentic Identity & Inventory Scanner. Automatically inventory autonomous agents (LangChain, AutoGen, CrewAI, PydanticAI) using static analysis, network heuristics, and eBPF. Foundational tool for AIBOM compliance and AgentOps governance.

3K 16 5
gebalamariusz
cloud-audit

Fast, opinionated AWS security scanner. Curated checks. Zero noise. Copy-paste fixes.

3K 64 13
m0rvayne
redteam-mcp

Active red-teaming for MCP servers. Source analysis + live exploitation + auto-fix. Claude Code plugin.

3K 2 0
ArmorerLabs
armorer-guard

Fast local Rust scanner for AI-agent prompt injection, credential leaks, exfiltration, and risky tool calls

3K 40 10
mcpware
intentprobe

Activation-probe security scanner for AI agent tooling. Reads a model's internal activations to detect poisoned MCP servers, skills, and packages before install.

3K 8 0
    • Data from PyPI, GitHub, ClickHouse, and BigQuery