PyRank

Threat Detection Python Packages

Python packages with the GitHub topic threat-detection. Sorted by relevance, with stars and monthly downloads.
flowtriq
ftagent

Flowtriq DDoS Detection Agent — real-time L3/L4/L7 traffic monitoring, incident detection, PCAP capture, and auto-mitigation

6K 4 0
call518
logsentinelai

LLM-powered security log analyzer: detect threats & anomalies with zero regex — just declare a Pydantic schema. Real-time Telegram alerts, SIEM-ready with Elasticsearch/Kibana. Supports OpenAI, Ollama, vLLM.

4K 48 10
Nebulock-Inc
agentic-threat-hunting-framework

ATHF is a framework for agentic threat hunting - building systems that can remember, learn, and act with increasing autonomy.

3K 275 37
trendmicro
visionone-filesecurity

Trend Micro VisionOne File Security SDK for python

2K 1 1
secureagentics
adrian-sdk

Runtime security monitoring and control for AI agents. Catches malicious tool use, prompt injection, and policy drift in real time, before the agent acts.

1K - -
spyboy-productions
websecprobe

Bypass 403

992 179 28
T0nd3
logatory

Local-first log analysis with PII redaction, threat detection, anomaly detection and LLM insights — CLI, web dashboard and REST API

660 3 0
aris1009
pysigma-backend-victorialogs

pySigma backend that converts Sigma detection rules to LogsQL queries for VictoriaLogs

651 0 0
deconvolute-labs
yaramint

Generate YARA rules automatically from positive and negative examples. For PII detection, secret scanning, and prompt injection.

518 1 0
aayush022008
agentfortress

🛡️ The CrowdStrike for AI Agents — Runtime protection, threat detection & security monitoring for LLM agents. Supports LangChain, CrewAI, AutoGen, OpenAI. Python • JS • Rust • Go • Ruby • .NET

419 3 0
stihia-ai
stihia

Python SDK for the Stihia real-time threat detection API for AI systems.

328 0 0
flowtriq
ftagent-lite

Lightweight open-source DDoS traffic monitor. Stdout output, no account required

298 21 0
crisbez
atlas4d

Python client for Atlas4D - Open 4D Spatiotemporal AI Platform

275 13 0
Agent-Threat-Rule
pyatr

Open detection standard -- like Sigma, but for AI agents. 425 rules, shipped in Microsoft AGT, Cisco AI Defense, MISP, OWASP A-S-R-H. 97.1% recall on NVIDIA garak. NIST OSCAL Path 1.

255 217 27
deconvolute-labs
yara-gen

Automatically generate YARA rules from adversarial and benign text samples. Built for detecting indirect prompt injection attacks on RAG pipelines.

215 1 0
iocx-dev
iocx-registry-keys

High‑performance iocx plugin for detecting Windows Registry keys, values, and persistence locations. Includes full test coverage, performance benchmarks, and security checks.

175 1 0
Ap6pack
malwar

Static analysis engine for detecting malware in agentic AI skill files

171 0 2
backbay-labs
hushspec

Portable security rules for the action boundary of AI agents

158 22 1
sundew-sh
sundewsh

An open-source honeypot designed to detect and study autonomous AI agent attacks

140 6 2
nabeelxy
syara

SYARA: Super YARA Rules for GenAI Era

136 15 4
AlbinoGazelle
esxi-testing-toolkit

🧰 ESXi Testing Tookit is a command-line utility designed to help security teams test ESXi detections.

81 85 14