PyRank

Vulnerabilities Python Packages

Python packages with the GitHub topic vulnerabilities. Sorted by relevance, with stars and monthly downloads.
anthonyharrison
lib4vex

Library to ingest and generate VEX documents

49K 20 4
anthonyharrison
csaf-tool

CSAF generator and validator

41K 9 3
aboutcode-org
univers

Parse and compare package versions and ranges. From debian, npm, pypi, ruby and more. Process all the version range specs and expressions. This project is sponsored by an NLnet project https://nlnet.nl/project/vulnerabilitydatabase/ , the Google Summer of Code, nexB and others generous sponsors!

27K 46 22
intel
cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

21K 2K 621
sonatype-nexus-community
jake

Check your Python environments for vulnerable Open Source packages with OSS Index or Sonatype Nexus Lifecycle.

20K 132 22
ochronasec
ochrona

A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs

16K 51 8
sonatype-nexus-community
ossindex-lib

Python library for querying OSS Index

12K 2 4
aquasecurity
kube-hunter

Hunt for security weaknesses in Kubernetes clusters

11K 5K 609
ohaswin
pyscan-rs

python dependency vulnerability scanner, written in Rust.

10K 246 9
aboutcode-org
aboutcode-pipeline

ScanCode.io is a server to script and automate software composition analysis with pipelines. This project is sponsored by the European Commission, NLnet NGI0, the Google Summer of Code, nexB and others generous sponsors!

8K 201 191
twu
skjold

Security audit Python project dependencies against security advisory databases.

8K 67 13
google
clusterfuzz

Scalable fuzzing infrastructure.

8K 6K 612
wordfence
wordfence

Wordfence malware and vulnerability scanner command line utility.

7K 151 31
aboutcode-org
scancodeio

ScanCode.io is a server to script and automate software composition analysis with pipelines. This project is sponsored by the European Commission, NLnet NGI0, the Google Summer of Code, nexB and others generous sponsors!

3K 201 191
vanschelven
fpvs

Fast Python Vulnerability Scanner

3K 2 0
aboutcode-org
aboutcode-api-auth

Automate open source license compliance and ensure software supply chain integrity

1K 45 21
opencve
opencve

Vulnerability Intelligence Platform

1K 3K 317
metlo-labs
metlo

Metlo is an open-source API security platform.

956 2K 105
tilakthimmappa
pyraider

Using PyRaider You can scan installed dependencies known security vulnerabilities. It uses publicly known exploits, vulnerabilities database.

946 18 0
n3th4ck3rx
cvequery

Query CVE details using Shodan's public CVE database API.

740 1 0
shenxianpeng
pipguard

Scan Python packages for supply chain attacks before installing them

730 1 0
productaize
bogrod

Manage SBOM, VEX records and release notes in a single tool

502 22 3
flyingcircusio
vulnix

Vulnerability (CVE) scanner for Nix/NixOS [maintainer=@henrirosten]

418 768 46
xPloits3c
dorkeye

Advanced Google Dorking with Google Dorks Generator, SQLi analysis, WAF detection and extract metadata.

414 131 20