PyRank

Vulnerability Scanner Python Packages

Python packages with the GitHub topic vulnerability-scanner. Sorted by relevance, with stars and monthly downloads.
sqlmapproject
sqlmap

Automatic SQL injection and database takeover tool

107K 37K 6K
Usta0x001
phantom-agent

Autonomous Offensive Security Intelligence - AI-powered penetration testing

17K 13 4
dalisecurity
fray

Open-source WAF Security Testing Platform — 7,200+ attack payloads, 98 WAF/CDN fingerprints, AI-powered bypass engine, recon pipeline, beautiful CLI output

11K 50 4
0xSteph
ptai

Offensive-security MCP server with 205 wrapped tools, 17 specialist agents, and 60 SPA-aware probes for OWASP Top 10. CLI + MCP, BYO LLM. No API key needed on MCP path.

7K 255 52
wordfence
wordfence

Wordfence malware and vulnerability scanner command line utility.

7K 151 31
Pantheon-Security
medusa-security

AI-first security scanner with 76 analyzers, 9,600+ detection rules, and repo poisoning detection for AI/ML, LLM agents, and MCP servers. Scan any GitHub repo with: medusa scan --git user/repo

6K 489 85
adudley78
mcp-audit-scanner

Security scanner for MCP (Model Context Protocol) server configurations. Detects prompt injection, credential exposure, supply chain risks, and more.

5K 2 0
ExploitCraft
reconninja

38-phase automated reconnaissance framework for security researchers

4K 39 7
quodeq
quodeq

AI-powered code quality and security scanner. Open source, MIT, runs locally. <🧭>

4K 12 1
Metbcy
securescan

Security scanning without the SaaS tax. Multi-scanner orchestration, baseline diffing, SBOM + SARIF, signed everything — runs in your terminal, your CI, or a dashboard you own.

4K 0 0
gebalamariusz
cloud-audit

Fast, opinionated AWS security scanner. Curated checks. Zero noise. Copy-paste fixes.

3K 57 11
AgentSeal
agentseal

Security toolkit for AI agents. Scan your machine for dangerous skills and MCP configs, monitor for supply chain attacks, test prompt injection resistance, and audit live MCP servers for tool poisoning.

3K 257 38
mrhenrike
embedxpl

Embedded Device Security Assessment Framework — 700 modules, 350 CVEs, 55 vendors, APT Group Engine. Covers routers, IP cameras, GPON ONTs, ISP CPEs, IoT/embedded edge.

3K 6 3
HeadyZhang
agent-audit

Static security scanner for LLM agents — prompt injection, MCP config auditing, taint analysis. 49 rules mapped to OWASP Agentic Top 10 (2026). Works with LangChain, CrewAI, AutoGen.

2K 170 18
Threads-Beams
alnur

ALNUR — Open-source end-to-end security vulnerability scanner. Detects CVEs, hardcoded secrets, architecture flaws, and port risks across Node.js, Python, PHP, Go, Rust, Java, .NET, Ruby and more

1K 3 0
AliAmmar15
velonus

AI-native security copilot for Python developers. Scans for secrets, vulnerabilities, and dependency CVEs — then tells you how to fix them.

1K 32 2
Jitesh17
secscan-tool

Automated web security scanner with HTML/Markdown/JSON reports and AI-tailored remediation

935 1 1
OWASP
nettacker

Automates information gathering, vulnerability scanning and aids penetration testing engagements in general

851 5K 1K
FrancescoStabile
numasec

The AI Agent for Cyber Security.

813 360 45
regaan
basilisk-ai

LLM/AI Application Red Teaming Framework — Break Every Mind

808 18 0
bawbel
bawbel-mcp

MCP server exposing Bawbel Scanner as agent-callable tools. Scan MCP servers, skill files, and system prompts for AVE vulnerabilities mid-conversation.

732 1 0
VanirLab
commi3

Is an Automated Commando Line Tool for pentesting and other fun stuff

702 1 0
SoubhikGhosh
soweak

OWASP LLM Top 10 security middleware framework for Python.

682 1 0
Cope-Labs
selvo

Linux dependency blast-radius ranker — surfaces highest-value CVE patch opportunities

641 0 0