Search Packages

maigret

🕵️‍♂️ Collect a dossier on a person by username from 3000+ sites

sherlock-project

Hunt down social media accounts by username across social networks

dirsearch

Web path scanner

hibpwned

Python API wrapper for haveibeenpwned.com (API v3)

s3scanner

Scan for misconfigured S3 buckets across S3-compatible APIs!

faradaysec

Open Source Collaborative Penetration Test and Vulnerability Management Platform https://www.faradaysec.com

codext

Python codecs extension featuring CLI tools for encoding/decoding anything

reconninja

⚡ ReconNinja v8.2.1 — 38-phase recon framework for pentesters & bug bounty hunters. Subdomain enum → port scan → web recon → WAF/CORS/JS/cloud bucket detection → GitHub OSINT → CVE lookup → AI threat analysis → HTML report. Domains, IPs, CIDRs, target lists. Plugin system. 598 tests.

slack-watchman

Slack enumeration and exposed secrets detection tool

defaultcreds-cheat-sheet

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️

pyeti-python3

Python bindings for Yeti's API

hawk-scanner

A powerful scanner to scan your Filesystem, S3, MySQL, Redis, Google Cloud Storage and Firebase storage for PII and sensitive data.

routersploit

Exploitation Framework for Embedded Devices

honeydb

HoneyDB Python Module

yara-mail

A Python package and command line utility for scanning emails with YARA rules

dshield

Pythonic interface to the Internet Storm Center / DShield API.

autopwn-suite

AutoPWN Suite is a project for scanning vulnerabilities and exploiting systems automatically.

opencve

CVE Alerting Platform

pyvulscan

Vulnerability scanner for Python dependencies using the OSV API

chickadee

Yet another IP address enrichment tool

metlo

Metlo is an open-source API security platform.

secml-malware

Create adversarial attacks against machine learning Windows malware detectors

aarya

Validates the existence of registered accounts across social & shopping platforms and extracts rich identity intelligence (Names, Photos, IDs).

wshawk

Open source toolkit for WebSocket security testing, web application penetration testing, and stateful attack validation. It combines a CLI scanner, web dashboard, Electron desktop app, browser companion, and project-backed workflows for authorized security assessments.