Open Source Python Security Software - Page 26

Python Security Software

View 5752 business solutions

Browse free open source Python Security Software and projects below. Use the toggles on the left to filter open source Python Security Software by OS, license, language, programming language, and project status.

  • MongoDB Atlas runs apps anywhere Icon
    MongoDB Atlas runs apps anywhere

    Deploy in 115+ regions with the modern database for every enterprise.

    MongoDB Atlas gives you the freedom to build and run modern applications anywhere—across AWS, Azure, and Google Cloud. With global availability in over 115 regions, Atlas lets you deploy close to your users, meet compliance needs, and scale with confidence across any geography.
    Start Free
  • Our Free Plans just got better! | Auth0 Icon
    Our Free Plans just got better! | Auth0

    With up to 25k MAUs and unlimited Okta connections, our Free Plan lets you focus on what you do best—building great apps.

    You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
    Try free now
  • 1
    mongoaudit

    mongoaudit

    A powerful MongoDB auditing and pentesting tool

    mongoaudit is a CLI tool for auditing MongoDB servers, detecting poor security settings and performing automated penetration testing. It is widely known that there are quite a few holes in MongoDB's default configuration settings. This fact, combined with abundant lazy system administrators and developers, has led to what the press has called the MongoDB apocalypse. mongoaudit not only detects misconfigurations, known vulnerabilities and bugs but also gives you advice on how to fix them, recommends best practices and teaches you how to DevOp like a pro! MongoDB listens on a port different to default one. Server only accepts connections from whitelisted hosts / networks. MongoDB HTTP status interface is not accessible on port 28017. MongoDB is not exposing its version number. MongoDB version is newer than 2.4. TLS/SSL encryption is enabled. Authentication is enabled. SCRAM-SHA-1 authentication method is enabled.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 2
    mssqlproxy

    mssqlproxy

    Toolkit aimed to perform lateral movement in restricted environments

    mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse. The client requires impacket and sysadmin privileges on the SQL server. The first step is to execute code in the SQL Server process context. As extended stored procedures are going to be deprecated in future versions of MSSQL, we pay attention to Microsoft recommendations and thus, use CLR assemblies instead.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 3
    A python interface for nmap. Allows you to get information about your local network and conduct nmap scans and read the results from a python application or interpreter. Currently tested (lightly) under Windows XP, Mac OS 10.5.5 and Ubuntu 8.04 and 8.10.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 4
    nodejsscan

    nodejsscan

    nodejsscan is a static security code scanner for Node.js applications

    Static security code scanner (SAST) for Node.js applications powered by libsast and semgrep. nodejsscan is a static security code scanner for Node.js applications.
    Downloads: 0 This Week
    Last Update:
    See Project
  • AI-generated apps that pass security review Icon
    AI-generated apps that pass security review

    Stop waiting on engineering. Build production-ready internal tools with AI—on your company data, in your cloud.

    Retool lets you generate dashboards, admin panels, and workflows directly on your data. Type something like “Build me a revenue dashboard on my Stripe data” and get a working app with security, permissions, and compliance built in from day one. Whether on our cloud or self-hosted, create the internal software your team needs without compromising enterprise standards or control.
    Try Retool free
  • 5
    nogotofail

    nogotofail

    An on-path blackbox network traffic security testing tool

    nogotofail is a network security testing tool developed by Google to help developers and researchers identify weaknesses in TLS/SSL implementations and detect unencrypted traffic that could compromise sensitive data. The tool functions as an on-path man-in-the-middle (MiTM) testing system, allowing users to inspect and evaluate how applications and devices handle encrypted connections under real-world conditions. It can detect a wide range of vulnerabilities, including improper SSL certificate validation, library misconfigurations, and downgrade or stripping attacks such as SSL and STARTTLS stripping. The system’s flexible architecture supports automated testing at scale, making it suitable for both single-device assessments and large network evaluations. Its modular structure also allows for customization and extension, enabling researchers to target specific network behaviors or encryption flaws.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 6

    nsrlquery

    Provides tools to interface with NIST's NSRL RDS.

    The National Institutes of Science and Technology maintains the National Software Reference Library. As part of this, they keep track of SHA-1 hashes of millions of known pieces of software (the "Reference Data Set"). Unfortunately, there are very few tools to help users query the NSRL RDS. That's where nsrlquery comes in.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 7
    ntfy

    ntfy

    Utility for sending notifications, on demand and when commands finish

    ntfy brings notification to your shell. It can automatically provide desktop notifications when long-running commands finish or it can send push notifications to your phone when a specific command finishes. The install technique in the quickstart is the suggested method of installation. It can be installed in a virtualenv, but with some caveats, Linux notifications require system-site-packages for the virtualenv and OS X notifications don’t work at all. ntfy has support for automatically sending notifications when long-running commands finish in bash and zsh. In bash it emulates zsh’s preexec and precmd functionality with rcaloras/bash-preexec. The backends key specifies what backends to use by default. Each backend has its own configuration, stored in a key of its own name. If you want multiple configs for the same backend type, you can specify any name and then specify the backend with a backend key.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 8

    pam_duration

    Set limits on per-day total usage for Linux/Unix users

    pam_duration provides a module for the Pluggable Authentication Module (PAM) authorization framework that sets per-day limits on total usage by particular Linux/Unix users on a single system. Limits can be configured by day of the week, so, for example, weekend limits can be different from weekdays. It also provides a service to ensure logout when the specified time limit expires.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 9
    Parano is a GNOME frontend for creating/editing/checking MD5, SHA-1 and SFV files
    Downloads: 0 This Week
    Last Update:
    See Project
  • Enterprise-grade ITSM, for every business Icon
    Enterprise-grade ITSM, for every business

    Give your IT, operations, and business teams the ability to deliver exceptional services—without the complexity.

    Freshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
    Try it Free
  • 10
    password-generator

    password-generator

    passwort, passwort-generator, password, password generator

    Passwort-Generator in Python. passwort-generator.exe md5 hash: fccfcf626e84382fd63d079f94f195f1
    Downloads: 0 This Week
    Last Update:
    See Project
  • 11
    Utility for facebook memory forensics.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 12
    pdfsigner
    A Pure-Python library which digitally sign PDF files, Based on: pyPdf, pyasn1 and TLS Lite.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 13
    phpbb bruteforce

    phpbb bruteforce

    phpbb login brute force

    phpbb forum login brute force
    Downloads: 0 This Week
    Last Update:
    See Project
  • 14
    phpsploit

    phpsploit

    Full-featured C2 framework which silently persists on webserver

    Full-featured C2 framework which silently persists on webserver via polymorphic PHP oneliner. The obfuscated communication is accomplished using HTTP headers under standard client requests and web server's relative responses, tunneled through a tiny polymorphic backdoor. Detailed help for any option (help command) Cross-platform on both client and server. CLI supports auto-completion & multi-command. Session saving/loading feature & persistent history. Multi-request support for large payloads (such as uploads) Provides a powerful, highly configurable settings engine. Each setting, such as user-agent has a polymorphic mode. Customizable environment variables for plugin interaction. Provides a complete plugin development API.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 15
    Polydish is a polymorphic Internet server capable of accepting pluggable protocols (written in Python or Ruby), and can thereby serve any type of content imaginable. The backend code is a fast, secure, C-based server, employing thread pools and OpenSSL.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 16
    privacyidea

    privacyidea

    two factor authentication management system

    privacyIDEA is a management and authentication system for two factor authentication. You can use OTP tokens, OTP cards, SMS, Smartphone Apps to incorparte the second factor. It can even manage SSH keys and supports Offline OTP. The latest version can manage and enroll user certificates. Its modular design makes it easily enhancable. It runs on Linux. Applications and workflows can be connected to privacyIDEA hence enabling two factor authentication in your system logon, web applications, SSL VPNs, firewalls and many more. A detailed audit log gives you full control of what happens when, where (why? ;-) and by whom. A demo site is available at demo.privacyidea.org.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 17

    protepad

    Small GUI to encrypt/decrypt texts

    The tool is useful when you want to encrypt and decrypt texts with password. Encrypted text can be posted online, and can only be decrypted back when correct password is entered.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 18

    pwnCheck

    Password pwn check.

    This program is a graphical user interface for checking pwned passwords, it's writen with python and pyQT4. Program calculates password hash and then searches for matches with first 5 symbols (prefix) in https://api.pwnedpasswords.com, then full hash match is found localy on users PC.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 19
    An attempt to send a full flagged MIME based email using open relay mail servers (authentication not required). Written in Python3. Using smtplib and email liabraries TODO: Bruteforce the SMTP authentication. Support TLS.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 20
    A pure python module which implements the DES and Triple-DES encryption algorithms. Triple DES is either DES-EDE3 with a 24 byte key, or DES-EDE2 with a 16 byte key.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 21
    pyMoul: Python tools for Myst Online - URU Live (MOUL)
    Downloads: 0 This Week
    Last Update:
    See Project
  • 22
    This is a swig-based python wrapper for the OpenPACE library.
    Downloads: 0 This Week
    Last Update:
    See Project
  • 23
    Simple pygtk application for create and verify md5, crc32 and other checksum
    Downloads: 0 This Week
    Last Update:
    See Project
  • 24
    A firewall knocking mechanism that is loosely based on tumbler (tumbler.sourceforge.net) instead it is written in python. A focus of this implementation will be on multiple client implementations (OSX Widget, XP taskbar, etc.)
    Downloads: 0 This Week
    Last Update:
    See Project
  • 25
    pyWhat

    pyWhat

    Identify emails, IP addresses, and more

    pyWhat is a Python-based identification tool designed to figure out “what” a piece of text or file content represents, especially in security and OSINT workflows. Given inputs such as hex strings, URLs, email addresses, IP addresses, credit card numbers, cryptocurrency wallets, or entire .pcap capture files, it scans for structured patterns and tells you what it finds. The tool is recursive: it can traverse files and directories to extract meaningful entities, which is useful when analyzing malware samples, network captures, or code repositories at scale. It offers powerful filters called “tags” and distributions that let you narrow results to specific categories like bug bounties, cryptocurrencies, or AWS-related artifacts. For automation and integration, pyWhat provides a CLI with options for rarity filtering, sorting, and JSON export, as well as an API that can be imported into other Python programs.
    Downloads: 0 This Week
    Last Update:
    See Project