Open Source Python Security Software - Page 18

Proxy server that performs proof of concept session hijacking by receiving cookies from one or more NomNom Agents. It then offers the user an option to switch to any intercepted session. More features and site specific options later.

Nuhe is a log monitoring system, which is capable of alarm generation and action when rules are matched against log(s) activity.

Nuhe Client is a project related to the Nuhe Action Capable Log Monitor. This GUI client simplifies the administration of sensors and node managers, making it easier to control and monitor the network. Comes with a rule editor as well as a log monitor.

Security analysis tools produced by The Ohio State University Network Security Group.

Maryam is an open source intelligence (OSINT) framework designed to automate the process of gathering and analyzing publicly available information from the internet. It provides a modular environment that enables users to collect data from search engines, open data sources, and various online services for reconnaissance and investigative purposes. Written in Python, Maryam is built to provide a flexible and extensible framework for harvesting information quickly and efficiently from open sources. Maryam helps security researchers and analysts streamline routine data-gathering tasks that typically involve searching multiple sources such as Google, Bing, or other online platforms. Maryam organizes its functionality into several modules that focus on different aspects of intelligence gathering, including footprint analysis, OSINT data extraction, and general search operations.

OWASP OWTF is a project focused on penetration testing efficiency and alignment of security tests to security standards like the OWASP Testing Guide (v3 and v4), the OWASP Top 10, PTES and NIST so that pentesters will have more time to see the big picture and think out of the box. More efficiently find, verify and combine vulnerabilities. Have time to investigate complex vulnerabilities like business logic/architectural flaws or virtual hosting sessions. Perform more tactical/targeted fuzzing on seemingly risky areas. Demonstrate true impact despite the short timeframes we are typically given to test. The tool is highly configurable and anybody can trivially create simple plugins or add new tests in the configuration files without having any development experience. OWTF is developed on KaliLinux and macOS but it is made for Kali Linux (or other Debian derivatives).

Transparent file encryption performs real-time I/O encryption and decryption of the files in any block data with 16 bytes. The encryption uses a 256 bits symmetric key to encrypt or decrypt the data with AES encryption algorithm. Auto file encryption protects data "at rest", meaning the transparent data and files encryption. It provides the ability to comply with policies which can be applied by users, processes and file type. This allows only authorized users and processes to access the encrypted files, unauthorized users and processes can’t access the encrypted files. The Auto FileCrypt Tool was developed with EaseFilter Encryption Filter Driver(EEFD) SDK, a file level encryption filter driver. Run the auto file encryption service with administrator permission, add the managed folders as encryption folder, when the files were added to the managed folder, the files will be encrypted automatically, when files were read, the data will be decrypted in memory automatically.

OneForAll is a comprehensive subdomain enumeration and reconnaissance tool primarily used in penetration testing and bug bounty workflows. Built in Python, it aggregates results from numerous DNS, certificate transparency, search engine, and threat intelligence sources to uncover hidden subdomains. The tool is particularly notable for incorporating many Chinese data sources that are often missed by Western-focused recon tools, increasing discovery coverage. It supports brute-force subdomain discovery, recursive scanning, and takeover detection to help identify potential attack surfaces. OneForAll also performs validation and enrichment of discovered domains, producing structured outputs for further analysis. Overall, it is a powerful asset discovery platform designed to maximize subdomain visibility during security assessments.

Download code, Learn code, Share code. The Ongoing Object-oriented Perl Project. scripts, tutorials, modules, case studies, anything OOPerl --not excluding contributions of OO discipline in other programming languages.

OnionSearch is a Python-based command-line tool designed to collect and aggregate links from multiple search engines on the Tor network. The script works by scraping results from a variety of .onion search services, allowing users to perform a single query while gathering results from many sources at once. This approach helps researchers and investigators locate hidden services more efficiently without manually querying each individual search engine. It is primarily intended for educational use and open-source intelligence (OSINT) research involving the Tor network. OnionSearch supports multiple engines and can combine results into a single output, making it easier to analyze discovered onion links. It also offers flexible command-line options that allow users to limit results, choose which engines to query, and export collected data. By automating searches across several dark web search engines, OnionSearch simplifies the process of discovering information on hidden services.

OpenPortalGuard is a flexible, extensible, and massively scalable access control system for portals. It provides single-sign-on features for username/pw and smartcards as well as declarative access control.

This is a web application firewall suite

The OpenCoin project provides resources for creating virtual currencies: documentation, format and protocol definitions, an open-source reference implementation for issuers, users and traders. It is based on David Chaum's electronic cash concept.

OpenSEED is open source implementation for SEED, the 128-bit Symmetric Block Cipher which is used widely among Korean Financial & Banking Companies. OpenSEED will implement TLS over SEED, also.

OpenSQLi-NG is the next generation open source sql injection tool. It silently test and exploit (on-demand) SQL injections conditions. Please refer to the project web site to have the complete description: http://opensqling.sourceforge.net/?page_id=8

OpenSessame is a personnel entry control and time tracking management system. Platform independent, multi-node, client-server system, written in Python, with wxPython/wxWidgets client, a web management gui and PostgreSQL database backend.

Manage your passwords!

P.I.G.: Privacy In Gedit, a plugin for gedit, encode and decode text to base64.

An ARP watch daemon for windows (portable to linux but it is already there...) which is able to be run as a service and logs to eventlog so one can collect the logs and react to events.

Python Advanced Wordlist Generator is an easy to use software to create profiled wordlists and make various operations on an existing wordlist. This software is part of the "Kalkulator's Knights" project.

Petoron Crypto Archiver (PCA) Key features: AES-256-CFB encryption with unique IV per archive Argon2id key derivation (256MB RAM / time_cost=3 / parallelism=4) HMAC-SHA512 integrity and anti-tampering check No compression, no fingerprinting, no trace of original data Works with both single files and entire directories Fully CLI-based, portable, and open format (.pca) https://github.com/01alekseev/PCA

PGP Individual UID Signer makes signing all the UIDs on all of the keys at a PGP Keysigning party much simpler. It prompts for verification fingerprints, and then signs each UID on each key separately and PGP/Mime encrypt-emails them to their recipient. NOTE: Developement now happens at GitHub: http://github.com/jaymzh/pius

The aim of this small program is to parse your address book (Evolution address book or VCard file for the moment) and check if some of your contacts have uploaded a PGP public key on a key server.

Petoron Local Destroyer (PLD) Features: 10-pass default cryptographic overwrite (customizable) Argon2id + AES-CFB entropy stream per session No logs, no caching, no backups Full CLI control (purge, wipe) Clean TRASH/workflow If you want your files to truly disappear — not just be deleted - PLD is the tool. https://github.com/01alekseev/PLD

Petoron Quantum Standard (PQS) v1.2 A fully custom, offline encryption standard - built entirely from scratch. PQS v1.2 is a minimalistic, self-contained encryption engine for secure file protection, with zero reliance on external cryptographic libraries. PBKDF2-HMAC-SHA256 (200k iterations, adjustable) for password hardening. Key separation via BLAKE2s - independent keys for encryption and MAC. BLAKE2s-MAC authentication - 16-byte tag, any modification = instant rejection. Streaming keystream generator - secure, large-scale XOR without key reuse. Fake padding (HEAD/TAIL) - obfuscates binary boundaries and payload structure. Precise size encoding - restores original payload exactly. Supports files up to 128 MB per encrypted block. No dependencies, fully offline, cross-platform Python implementation. PQS is designed for high-assurance security, full auditability, and deterministic offline use - without unnecessary complexity. https://github.com/01alekseev/PQS