PyRank
  • Insights
  • PyPI
  • GitHub
  • Search
  • Compare
  • Advisories
  • Ecosystem
  • About

Threat Detection Python Packages

Python packages with the GitHub topic threat-detection. Sorted by relevance, with stars and monthly downloads.
flowtriq
ftagent

Flowtriq DDoS Detection Agent. Real-time traffic monitoring, incident detection, PCAP capture, and auto-mitigation

9K 5 1
rahadbhuiya
cnsl

Security Layer

5K 4 0
call518
logsentinelai

LLM-powered security log analyzer: detect threats & anomalies with zero regex — just declare a Pydantic schema. Real-time Telegram alerts, SIEM-ready with Elasticsearch/Kibana. Supports OpenAI, Ollama, vLLM.

4K 56 11
Nebulock-Inc
agentic-threat-hunting-framework

ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.

2K 319 44
T0nd3
logatory

Local-first log analysis with PII redaction, threat detection, anomaly detection and LLM insights — CLI, web dashboard and REST API

2K 11 0
secureagentics
adrian-sdk

Open-source runtime AI agent security tool - monitors and controls AI agents, catching malicious tool use, prompt injection, and policy drift in real time, before the agent acts.

1K 376 77
trendmicro
visionone-filesecurity

Trend Vision One File Security Python SDK

1K 1 1
Agent-Threat-Rule
pyatr

Open detection standard -- like Sigma, but for AI agents. 425 rules, shipped in Microsoft AGT, Cisco AI Defense, MISP, OWASP A-S-R-H. 97.1% recall on NVIDIA garak. NIST OSCAL Path 1.

996 294 39
spyboy-productions
websecprobe

Security testing tool for analyzing HTTP 403 responses and identifying access control misconfigurations in web applications.

573 180 27
flowtriq
ftagent-lite

Lightweight open-source DDoS traffic monitor — stdout output, no account required

363 33 1
cac0ns3c
lyrebird-emulator

Modern async-first internet-services emulation suite for malware-analysis labs — a defensive INetSim successor with detection telemetry (paired Sigma rules + analytics) as a first-class output.

331 1 1
aayush022008
agentfortress

Runtime protection and security monitoring for AI agents — The CrowdStrike for AI Agents

324 3 0
crisbez
atlas4d

Self-hosted 4D spatiotemporal AI platform built on PostgreSQL, PostGIS, TimescaleDB, H3 and pgvector, with anomaly & threat detection, NLQ interface and full observability.

318 15 1
akintunero
simple-dns-poisoning-detector

The DNS Poisoning Detector is a Python-based tool designed to monitor DNS traffic, detect potential DNS poisoning attacks, and generate detailed PDF reports of its findings.

314 4 1
stihia-ai
stihia

Python SDK for the Stihia real-time threat detection API for AI systems.

288 0 0
Ap6pack
malwar

Static analysis engine for detecting malware in agentic AI skill files

279 0 2
deconvolute-labs
yara-gen

Generate YARA rules automatically from positive and negative examples. For PII detection, secret scanning, and prompt injection.

267 1 0
Carlos-Projects
mcpscope

Unified MCP/A2A security scanner dashboard

255 0 0
deconvolute-labs
yaramint

Generate YARA rules automatically from positive and negative examples. For PII detection, secret scanning, and prompt injection.

216 1 0
aris1009
pysigma-backend-victorialogs

pySigma VictoriaLogs (LogsQL) backend

212 0 0
iocx-dev
iocx-registry-keys

High-performance iocx plugin for detecting Windows Registry keys, values, and persistence locations.

208 1 0
sundew-sh
sundewsh

A carnivorous honeypot for AI agents. Every deployment generates a unique persona so no two instances look alike. Detects, fingerprints, and classifies autonomous agent attacks in real time.

203 7 2
backbay-labs
hushspec

Portable specification for AI agent security rules

200 24 1
ctrl-sagesh
sentinelforge

Autonomous AI Cyber Defense Agent Framework — LangGraph-powered SOC automation with constitutional safety guardrails

162 0 0
    • Data from PyPI, GitHub, ClickHouse, and BigQuery