PyPI Stats

Devsecops Python Packages

Python packages with the GitHub topic devsecops. Sorted by relevance, with stars and monthly downloads.
pyupio
safety

Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected.

6M 2K 179
CrowdStrike
crowdstrike-falconpy

The CrowdStrike Falcon SDK for Python

2.2M 490 163
GitGuardian
ggshield

Detect and validate 500+ types of hardcoded secrets with advanced checks. Use it as a pre-commit hook, GitHub Action, or CLI for proactive secret detection and security.

576K 2K 194
GitGuardian
pygitguardian

Python API client library for the GitGuardian API

499K 87 15
xonsh
xonsh

🐚 Python-powered shell. Full-featured, cross-platform and AI-friendly.

396K 9K 721
anthonyharrison
lib4sbom

Library to ingest and generate SBOMs

246K 41 21
prowler-cloud
prowler

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

187K 14K 2K
dxa4481
trufflehog

Find, verify, and analyze leaked credentials

169K 26K 2K
ajinabraham
njsscan

njsscan is a semantic aware SAST tool that can find insecure code patterns in your Node.js applications.

134K 425 103
duriantaco
skylos

Open-source PR gate for Python, TS/JS, Java, and Go. Stop merging dead code, secrets, security flows, and AI-code regressions.

123K 428 19
anthonyharrison
distro2sbom

Generates SBOM files from system packaging information

88K 38 16
duriantaco
ca9

CVE reachability analysis for Python. Stop fixing vulnerabilities that don't affect you. Static + dynamic analysis to cut SCA noise from Snyk, Dependabot, Trivy, and others.

64K 4 0
anthonyharrison
lib4vex

Library to ingest and generate VEX documents

48K 20 4
anthonyharrison
csaf-tool

CSAF generator and validator

36K 9 3
ncouture
mockssh

Mock an SSH server and define all commands it supports (Python, Twisted)

27K 130 25
msaad00
agent-bom

Open security scanner for AI supply chain and infrastructure: agents, MCP, containers, cloud, GPU, and runtime with blast-radius analysis.

22K 19 6
bancolombia
devsecops-engine-tools

Toolchain for the evaluation of different devsecops practices

20K 45 18
ochronasec
ochrona

A command line tool for detecting vulnerabilities in Python dependencies and doing safe package installs

19K 51 8
owasp-dep-scan
owasp-depscan

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

18K 1K 129
intel
cve-bin-tool

The CVE Binary Tool helps you determine if your system includes known vulnerabilities. You can scan binaries for over 350 common, vulnerable components (openssl, libpng, libxml2, expat and others), or if you know the components used, you can get a list of known vulnerabilities associated with an SBOM or a list of components and versions.

18K 2K 619
anthonyharrison
sbom2doc

Transform SBOM contents into a formatted document including markdown and PDF formats

15K 41 8
prowler-cloud
prowler-cloud

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

15K 14K 2K
owasp-dep-scan
ds-analysis-lib

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

14K 1K 129
owasp-dep-scan
ds-xbom-lib

OWASP dep-scan is a next-generation security and risk audit tool based on known vulnerabilities, advisories, and license limitations for project dependencies. Both local repositories and container images are supported as the input, and the tool is ideal for integration.

14K 1K 129