PyPI Stats

Search Packages

Find Python packages by name, description, GitHub topic, or filter by metrics
Kylmakalle
devicecheck

Reduce fraudulent use of your services by managing device state and asserting app integrity via Apple DeviceCheck API with this Python wrapper.

948K 34 5
ajinabraham
libsast

Generic SAST Library

322K 136 22
MobSF
mobsfscan

mobsfscan is a static analysis tool that can find insecure code patterns in your Android and iOS source code. Supports Java, Kotlin, Swift, and Objective C Code. mobsfscan uses MobSF static analysis rules and is powered by semgrep and libsast pattern matcher.

146K 754 121
ajinabraham
njsscan

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

132K 425 103
duriantaco
ca9

CVE reachability analysis for Python. Stop fixing vulnerabilities that don't affect you. Static + dynamic analysis to cut SCA noise from Snyk, Dependabot, Trivy, and others.

62K 4 0
maurosoria
dirsearch

Web path scanner

23K 14K 2K
infamousjoeg
pyaim

@CyberArk Application Access Manager Client Library for Python 3

9K 28 6
squid-protocol
gitgalaxy

An AST-free, LLM-free heuristic knowledge graph engine for deep repository intelligence. Map, secure, and modernize enterprise codebases across 50+ languages at extreme velocity

5K 22 0
openziti
openziti

Ziti SDK for Python

5K 94 8
infobyte
faradaysec

Open Source Collaborative Penetration Test and Vulnerability Management Platform https://www.faradaysec.com

3K 6K 1K
nocomplexity
codeaudit

Codeaudit - Modern Python source code security analyzer based on distrust.

3K 37 1
FrancescoStabile
numasec

AI agent for penetration testing. Like Claude Code, but for security. Open source, MCP-native, works with any LLM.

3K 119 17
F5-Labs
cryptonice

CryptoNice is both a command line tool and library which provides the ability to scan and report on the configuration of SSL/TLS for your internet or internal facing web services. Built using the sslyze API and ssl, http-client and dns libraries, cryptonice collects data on a given domain and performs a series of tests to check TLS configuration and supporting protocols such as HTTP2 and DNS.

2K 101 22
bluerock-io
bluerock-oss

metamorphic rock which glows blue when activated, sheaths python, MCP & more

2K 2 0
manthanghasadiya
mcpsec

An AI-driven dynamic protocol fuzzer for the Model Context Protocol (MCP). Prove runtime exploitability by discovering state violations, transport crashes, and application-layer logic flaws (SSRF, LFI) before your AI agents do.

2K 21 3
IncludeSecurity
safeurl-python

Python implementation of SafeURL (Anti-SSRF Lib)

1K 11 4
dev-ugurkontel
surface-audit

Deterministic security smoke tests for preview, staging, and pre-deploy web URLs.

1K 1 1
AppThreat
joern-lib

Python library for code analysis with CPG and Joern

1K 25 1
hupe1980
cdktg

Agile Threat Modeling as Code

988 13 2
momenbasel
vulnhawk

AI-powered code security scanner that finds vulnerabilities Semgrep and CodeQL miss

917 45 5
bluerock-io
bluerock

metamorphic rock which glows blue when activated, sheaths python, MCP & more

605 2 0
meddlin
cve-explorer-cli

CLI interface to understand CVEs and their related information

447 0 0
zyron-security
zyron-agentshield

Professional DAST & Pentest Framework

389 3 0
mazen160
llmquery

A package for querying various LLM providers

387 34 2