Search Results for "python source" - Page 2
Sort By:
Showing 636 open source projects for "python source"
View related business solutions-
Managed MySQL, PostgreSQL, and SQL Databases on Google CloudCloud SQL is a fully managed relational database for MySQL, PostgreSQL, and SQL Server. We handle patching, backups, replication, encryption, and failover—so you can focus on your app. Migrate from on-prem or other clouds with free Database Migration Service. IDC found customers achieved 246% ROI. New customers get $300 in credits plus a 30-day free trial.
-
Ship AI Apps Faster with Vertex AIShip AI apps and features faster with Vertex AI—your end-to-end AI platform. Access Gemini 3 and 200+ foundation models, fine-tune for your needs, and deploy with enterprise-grade MLOps. Build chatbots, agents, or custom models. New customers get $300 in free credit.
-
1
Pacu
The AWS exploitation framework, designed for testing security
Pacu (named after a type of Piranha in the Amazon) is a comprehensive AWS security-testing toolkit designed for offensive security practitioners. While several AWS security scanners currently serve as the proverbial “Nessus” of the cloud, Pacu is designed to be the Metasploit equivalent. Written in Python 3 with a modular architecture, Pacu has tools for every step of the pen testing process, covering the full cyber kill chain. Pacu is the aggregation of all of the exploitation experience... -
2
GitHub Action to detect license names
GitHub Action for license compliance: Python, JavaScript, iOS, Android
GitHub Action for license compliance: Python, JavaScript, iOS, Android and more. Detect license names and types for Python PyPI packages. Identify license types for given license names obtained by third-party tools. Great coverage of free/libre and open source licenses of all types: public domain, permissive, copyleft. Check explicit Python dependencies list for copyleft licenses. -
3
Sigma
Main Sigma Rule Repository
Welcome to the Sigma main rule repository. The place where detection engineers, threat hunters and all defensive security practitioners collaborate on detection rules. The repository offers more than 3000 detection rules of different type and aims to make reliable detections accessible to all at no cost. Sigma is an open-source tool for defining generic detection rules for security event logs, enabling security professionals to detect threats across platforms. -
4
Splunk Attack Range
A tool that allows you to create vulnerable environments
The Splunk Attack Range is an open-source project maintained by the Splunk Threat Research Team. It builds instrumented cloud (AWS, Azure) and local environments (Virtualbox), simulates attacks, and forwards the data into a Splunk instance. This environment can then be used to develop and test the effectiveness of detections. -
Run Any Workload on Compute Engine VMsCompute Engine delivers high-performance virtual machines for web apps, databases, containers, and AI workloads. Choose from general-purpose, compute-optimized, or GPU/TPU-accelerated machine types—or build custom VMs to match your exact specs. With live migration and automatic failover, your workloads stay online. New customers get $300 in free credits.
-
5
InterceptSuite
A TLS MITM proxy for Non-HTTP traffic, with support for TLS upgrades
InterceptSuite is a cross‑platform, SOCKS5‑based MITM proxy specially designed to intercept, inspect, analyze, and manipulate encrypted network traffic at the TCP/TLS layer. It goes beyond HTTP‑focused tools like Burp Suite and ZAP by providing universal TLS interception—including STARTTLS and non‑HTTP protocols—offering deep visibility and control for security testing and debugging. InterceptSuite bridges this gap by providing a universal TLS interception engine that works with any... -
6
Sippts
Set of tools to audit SIP based VoIP Systems
Sippts is a set of tools to audit VoIP servers and devices using SIP protocol. Sippts is programmed in Python and it allows us to check the security of a VoIP server using SIP protocol. You can freely use, modify and distribute. If modified, please put a reference to this site. Most security tools can be used for illegal purposes, but the purpose of this tool is to check the security of your own servers and not to use to do bad things. I am not responsible for the misuse of this tool. Sippts... -
7
Scout Suite
Multi-cloud security auditing tool
Scout Suite is an open-source multi-cloud security-auditing tool, which enables security posture assessment of cloud environments. Using the APIs exposed by cloud providers, Scout Suite gathers configuration data for manual inspection and highlights risk areas. Rather than going through dozens of pages on the web consoles, Scout Suite presents a clear view of the attack surface automatically. Scout Suite was designed by security consultants/auditors. It is meant to provide a point-in-time... -
8
Payloads All The Things
A list of useful payloads and bypass for Web Application Security
A list of useful payloads and bypasses for Web Application Security. Feel free to improve with your payloads and techniques. The API key is a unique identifier that is used to authenticate requests associated with your project. Some developers might hardcode them or leave it on public shares. -
9
SOPS
Simple and flexible tool for managing secrets
sops is an editor of encrypted files that supports YAML, JSON, ENV, INI and BINARY formats and encrypts with AWS KMS, GCP KMS, Azure Key Vault, age, and PGP. For the adventurous, unstable features are available in the develop branch, which you can install from source. To use sops as a library, take a look at the decrypt package. We rewrote Sops in Go to solve a number of deployment issues, but the Python branch still exists under python-sops. We will keep maintaining it for a while, and you can still pip install sops, but we strongly recommend you use the Go version instead. If you're using AWS KMS, create one or multiple master keys in the IAM console and export them, comma separated, in the SOPS_KMS_ARN env variable. ... -
Deploy Apps in Seconds with Cloud RunCloud Run is the fastest way to deploy containerized apps. Push your code in Go, Python, Node.js, Java, or any language and Cloud Run builds and deploys it automatically. Get fast autoscaling, pay only when your code runs, and skip the infrastructure headaches. Two million requests free per month. And new customers get $300 in free credit.
-
10
Django Hijack
With Django Hijack, admins can log in and work on behalf of others
With Django Hijack, admins can log in and work on behalf of other users without having to know their credentials. 3.x docs are available in the docs folder. This version provides a security-first design, easy integration, customization, out-of-the-box Django admin support and dark mode. It is a complete rewrite and all former APIs are broken. A form is used to perform a POST including a CSRF-token for security reasons. The field user_pk is mandatory and the value must be set to the target... -
11
Gobuster
Directory/File, DNS and VHost busting tool written in Go
Gobuster is a tool used to brute-force. This project is born out of the necessity to have something that didn't have a fat Java GUI (console FTW), something that did not do recursive brute force, something that allowed me to brute force folders and multiple extensions at once, something that compiled to native on multiple platforms, something that was faster than an interpreted script (such as Python), and something that didn't require a runtime. Provides several modes, like the classic... -
12
GRR
GRR Rapid Response, remote live forensics for incident response
GRR Rapid Response is an incident response framework focused on remote live forensics. It consists of a python client (agent) that is installed on target systems, and python server infrastructure that can manage and talk to clients. The goal of GRR is to support forensics and investigations in a fast, scalable manner to allow analysts to quickly triage attacks and perform analysis remotely. GRR client is deployed on systems that one might want to investigate. On every such system, once... -
13
nbcelltests
Cell-by-cell testing for production Jupyter notebooks in JupyterLab
nbcelltests is designed for writing tests for linearly executed notebooks. Its primary use is for unit testing reports. Cell-by-cell testing for production Jupyter notebooks in JupyterLab. To use in JupyterLab, you will also need the lab and server extensions. Typically, these are automatically installed alongside nbcelltests, so you should not need to do anything special to use them. The lab extension will require a rebuild of JupyterLab, which you'll be prompted to do on starting... -
14
aws-encryption-sdk
AWS Encryption SDK
The AWS Encryption SDK is a client-side encryption library designed to make it easy for everyone to encrypt and decrypt data using industry standards and best practices. It enables you to focus on the core functionality of your application, rather than on how to best encrypt and decrypt your data. The AWS Encryption SDK is provided free of charge under the Apache 2.0 license. With the AWS Encryption SDK, you define a master key provider (Java and Python) or a keyring (C, C#/.NET, and... -
15
WAFW00F
WAFW00F allows one to identify and fingerprint Web App Firewall
The Web Application Firewall Fingerprinting Tool. Sends a normal HTTP request and analyses the response; this identifies a number of WAF solutions. If that is not successful, it sends a number of (potentially malicious) HTTP requests and uses simple logic to deduce which WAF it is. If that is also not successful, it analyses the responses previously returned and uses another simple algorithm to guess if a WAF or security solution is actively responding to our attacks. For further details,... -
16
proxy.py
Utilize all available CPU cores for accepting new client connections
proxy.py is made with performance in mind. By default, proxy.py will try to utilize all available CPU cores to it for accepting new client connections. This is achieved by starting AcceptorPool which listens on configured server port. Then, AcceptorPool starts Acceptor processes (--num-acceptors) to accept incoming client connections. Alongside, if --threadless is enabled, ThreadlessPool is setup which starts Threadless processes (--num-workers) to handle the incoming client connections.... -
17
SSH-MITM
Server for security audits supporting public key authentication
ssh man-in-the-middle (ssh-mitm) server for security audits supporting publickey authentication, session hijacking and file manipulation. SSH-MITM is a man in the middle SSH Server for security audits and malware analysis. Password and publickey authentication are supported and SSH-MITM is able to detect, if a user is able to login with publickey authentication on the remote server. This allows SSH-MITM to accept the same key as the destination server. If publickey authentication is not... -
18
CTFd
CTFs as you need them
CTFd is a Capture The Flag framework focusing on ease of use and customizability. It comes with everything you need to run a CTF and it's easy to customize with plugins and themes. Create your own challenges, categories, hints, and flags from the Admin Interface. Dynamic Scoring Challenges. Unlockable challenge support. Challenge plugin architecture to create your own custom challenges. Static & Regex-based flags. Custom flag plugins. Unlockable hints. File uploads to the server or an Amazon... -
19
Django OAuth Toolkit
OAuth2 goodies for the Djangonauts!
Django OAuth Toolkit can help you by providing, out of the box, all the endpoints, data, and logic needed to add OAuth2 capabilities to your Django projects. Django OAuth Toolkit makes extensive use of the excellent OAuthLib, so that everything is rfc-compliant. OAuth is an open standard for access delegation, commonly used as a way for Internet users to grant websites or applications access to their information on other websites but without giving them the passwords. Django is a high-level... -
20
macOS Security Compliance
macOS Security Compliance Project
The macOS Security Compliance Project is an open source effort to provide a programmatic approach to generating security guidance. The configuration settings in this document were derived from National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations, Revision 5. This is a joint project of federal operational IT Security staff from the National Institute of Standards and Technology (NIST),... -
21
ClusterFuzz
Scalable fuzzing infrastructure
ClusterFuzz is a scalable fuzzing infrastructure that finds security and stability issues in software. Google uses ClusterFuzz to fuzz all Google products and as the fuzzing backend for OSS-Fuzz. ClusterFuzz provides many features which help seamlessly integrate fuzzing into a software project's development process. Can run on any size cluster (e.g. OSS-Fuzz instance runs on 100,000 VMs). Fully automatic bug filing, triage and closing for various issue trackers (e.g. Monorail, Jira).... -
22
Flan Scan
A pretty sweet vulnerability scanner
Flan Scan is a lightweight open-source network vulnerability scanner designed to make it easy to detect exposed services, open ports, and associated vulnerabilities across IP ranges or network segments as part of security audit and compliance workflows. It is essentially a thin wrapper around the widely-used Nmap scanner, augmenting it with scripts and tooling that transform raw Nmap output into vulnerability-focused reports that map detected services to known CVEs, making results more... -
23
pass import
A pass extension for importing data from most existing password
A pass extension for importing data from most existing password managers. Password management should be simple and follow Unix philosophy. With pass, each password lives inside of a gpg encrypted file whose filename is the title of the website or resource that requires the password. These encrypted files may be organized into meaningful folder hierarchies, copied from computer to computer, and, in general, manipulated using standard command line file management utilities. -
24
Checkov
Prevent cloud misconfigurations during build-time for Terraform
Checkov scans cloud infrastructure configurations to find misconfigurations before they're deployed. Checkov uses a common command-line interface to manage and analyze infrastructure as code (IaC) scan results across platforms such as Terraform, CloudFormation, Kubernetes, Helm, ARM Templates and Serverless framework. Verify changes to hundreds of supported resource types in all major cloud providers. Checkov supports developers using Terraform, Terraform plan, CloudFormation, Kubernetes,... -
25
garak
Developers and anyone seeking an LLM solution to scan for vulnerabilit
garak checks if an LLM can be made to fail in a way we don't want. garak probes for hallucination, data leakage, prompt injection, misinformation, toxicity generation, jailbreaks, and many other weaknesses. garak's a free tool, we love developing it and are always interested in adding functionality to support applications. garak is a command-line tool, it's developed in Linux and OSX. Just grab it from PyPI and you should be good to go. The standard pip version of garak is updated...
