python安全和代码审计相关资料收集 resource collection of python security and code review

🐍 🔍 GuardDog is a CLI tool to Identify malicious PyPI and npm packages

Modern Python library for HTTP security headers (CSP, HSTS, etc.) with secure defaults and presets for Shiny, FastAPI, Django, Flask, and other ASGI/WSGI apps.

Open-source Python, TypeScript, and Go SAST with dead code detection. Finds secrets, exploitable flows, and AI regressions. VS Code extension, GitHub Action, and MCP server for AI agents.

Python for cybersecurity with the basic concepts, easy to understand code examples, lab exercises, real-world examples, different security scripts covering web security, network security, defensive security, crypto examples, exploits etc...

Supply-Chain Firewall (SCFW) is a tool for preventing the installation of malicious npm and PyPI packages 🔥

Vimana is a modular security framework for auditing Python APIs and Web applications. The plugin-based architecture enables security professionals to assess, fuzz, and analyze Python projects through automated and manual techniques.

Linux Security Audit Tool

Codeaudit - Modern Python source code security analyzer based on distrust.

A Python-based backdoor and server communication tool for ethical hacking and reverse shell practice using socket programming.

GitHub - therealilyas/pentest-toolkit: PentestKit — Advanced penetration testing toolkit in Python & Bash for bug bounty and ethical hacking.

A hands-on simulation of attacking a vulnerable login page using Python. This repo includes a Flask-based vulnerable login page and Python scripts to exploit weaknesses in regex validation and brute-force login attempts. Perfect for learning web penetration testing basics and ethical hacking techniques.

Automated compromise detection of the world's most popular packages

A secret file storage vault in python

MottaHunter: Advanced email reconnaissance tool for security professionals. Hunt emails across Google, Twitter, and LinkedIn, validate via SMTP, and generate smart permutations. Features rate limiting, catch-all detection, and permutation splitting for stealth operations.

The Local Python Code Protector Script is a command-line tool designed to provide source code protection and secure code sharing for Python scripts. It allows developers to obfuscate their Python code. This script supports both Python source files (.py) and compiled Python files (.pyc), offering flexible options for code obfuscation and encryption.

Combine multiple popular python security tools and generate reports or output into different formats

Enumerate typosquatting, IDN homograph, bitsquatting, and visual spoofing candidates for red team engagements, threat hunting, and brand protection.

Python Security Bootcamp aims at helping people with solving,automating challenges in security using python.

Security skills for AI coding agents — incident response for supply chain attacks, credential rotation, IOC detection. Works with Claude Code, Codex, Cursor, or as standalone scripts and runbooks.