Refolk
Sign in

Top Python Security repositories on GitHub

Offensive and defensive security tools and libraries. Filtered to projects whose primary language is Python.

Ranked by stars across 1,534 Python repositories tagged security. Refreshed daily.

  1. 1
    swisskyrepo/PayloadsAllTheThings78,560 · ⑂ 17,100

    A list of useful payloads and bypass for Web Application Security and Pentest/CTF

    • pentest
    • payload
    • bypass
    • web-application
    • hacking
    • vulnerability
  2. 2
    mitmproxy/mitmproxy43,996 · ⑂ 4,599

    An interactive TLS-capable intercepting HTTP proxy for penetration testers and software developers.

    • python
    • security
    • man-in-the-middle
    • tls
    • ssl
    • http
  3. 3
    QuivrHQ/quivr39,163 · ⑂ 3,723

    Opiniated RAG for integrating GenAI in your apps 🧠 Focus on your product rather than the RAG. Easy integration in existing products with customisation! Any LLM: GPT4, Groq, Llama. Any Vectorstore: PGVector, Faiss. Any Files. Anyway you want.

    • ai
    • llm
    • api
    • chatbot
    • chatgpt
    • database
  4. 4
    OWASP/CheatSheetSeries32,355 · ⑂ 4,506

    The OWASP Cheat Sheet Series was created to provide a concise collection of high value information on specific application security topics.

    • owasp
    • code
    • security
    • cheatsheets
    • best-practices
    • appsec
  5. 5
    StevenBlack/hosts30,582 · ⑂ 2,419

    🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

    • python
    • unified-hosts
    • malware
    • ad-blocker
    • porn-filter
    • social-media-filter
  6. 6
    trailofbits/algo30,288 · ⑂ 2,360

    Set up a personal VPN in the cloud

    • vpn-server
    • strongswan
    • ansible
    • vpn
    • ikev2
    • security
  7. 7
    usestrix/strix26,075 · ⑂ 2,931

    Open-source AI hackers to find and fix your app’s vulnerabilities.

    • agents
    • artificial-intelligence
    • cybersecurity
    • penetration-testing
    • ai-penetration-testing
    • ai-pentesting
  8. 8
    goauthentik/authentik22,087 · ⑂ 1,663

    The authentication glue you need.

    • saml
    • saml-idp
    • saml-sp
    • oauth2
    • oauth2-server
    • oauth2-client
  9. 9
    eosphoros-ai/DB-GPT19,035 · ⑂ 2,743

    open-source agentic AI data assistant for the next generation of AI + Data products.

    • database
    • gpt-4
    • vicuna
    • private
    • security
    • llm
  10. 10
    fail2ban/fail2ban18,026 · ⑂ 1,480

    Daemon to ban hosts that cause multiple authentication errors

    • linux
    • macos
    • security
    • intrusion-prevention
    • fail2ban
    • bsd
  11. 11
    mukul975/Anthropic-Cybersecurity-Skills17,173 · ⑂ 2,087

    754 structured cybersecurity skills for AI agents · Mapped to 5 frameworks: MITRE ATT&CK, NIST CSF 2.0, MITRE ATLAS, D3FEND & NIST AI RMF · agentskills.io standard · Works with Claude Code, GitHub Copilot, Codex CLI, Cursor, Gemini CLI & 20+ platforms · 26 security domains · Apache 2.0

    • ai-agents
    • claude-code
    • cybersecurity
    • incident-response
    • mitre-attack
    • penetration-testing
  12. 12
    wifiphisher/wifiphisher14,636 · ⑂ 2,737

    The Rogue Access Point Framework

    • wifiphisher
    • wifi
    • rogue
    • access-point
    • python
    • security
  13. 13
    maurosoria/dirsearch14,412 · ⑂ 2,442

    Web path scanner

    • fuzzer
    • fuzzing
    • python
    • security
    • dirsearch
    • hacking
  14. 14
    prowler-cloud/prowler14,019 · ⑂ 2,192

    Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

    • security
    • security-tools
    • security-audit
    • security-hardening
    • hardening
    • aws
  15. 15
    evilsocket/opensnitch13,802 · ⑂ 646

    OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.

    • application-firewall
    • firewall
    • linux
    • networking
    • security
    • data-breach
  16. 16
    qazbnm456/awesome-web-security13,497 · ⑂ 1,795

    🐶 A curated list of Web Security materials and resources.

    • awesome-list
    • awesome
    • list
    • web
    • security
    • websecurity
  17. 17
    threat9/routersploit13,151 · ⑂ 2,397

    Exploitation Framework for Embedded Devices

    • python
    • security
    • infosec
    • router-exploitation-framework
    • routersploit-framework
    • exploits
  18. 18
    mvt-project/mvt12,500 · ⑂ 1,221

    MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.

    • forensics
    • mobile
    • security
    • android
    • ios
    • forensics-tools
  19. 19
    jopohl/urh12,473 · ⑂ 1,011

    Universal Radio Hacker: Investigate Wireless Protocols Like A Boss

    • security
    • wireless
    • iot
    • hacking
    • hackrf
    • rtl-sdr
  20. 20
    secdev/scapy12,376 · ⑂ 2,216

    Scapy: the Python-based interactive packet manipulation program & library.

    • scapy
    • python
    • network
    • network-analysis
    • network-visualization
    • network-discovery
  21. 21
    bunkerity/bunkerweb10,639 · ⑂ 621

    🛡️ Open-source and cloud-native Web Application Firewall (WAF)

    • nginx
    • modsecurity
    • docker
    • security
    • dnsbl
    • reverse-proxy
  22. 22
    SigmaHQ/sigma10,619 · ⑂ 2,655

    Main Sigma Rule Repository

    • security
    • monitoring
    • siem
    • logging
    • signatures
    • elasticsearch
  23. 23
    frappe/frappe10,276 · ⑂ 5,046

    Low code web framework for real world applications, in Python and Javascript

    • frappe
    • erpnext
    • python
    • javascript
    • web-framework
    • full-stack
  24. 24
    sensepost/objection9,222 · ⑂ 982

    📱 objection - runtime mobile exploration

    • mobile
    • pentest
    • framework
    • ios
    • instrumentation
    • frida
  25. 25
    mailpile/Mailpile8,842 · ⑂ 1,007

    A free & open modern, fast email client with user-friendly encryption and privacy features

    • e-mail
    • security
    • pgp
    • search-engine
    • tags
    • imap-client

Find Python engineers shipping Security

The list above ranks the most-starred public Python repositories tagged with the Security topic, drawn from the public GitHub graph. Across 1,534 matching repositories, the contributors are a tight cluster of engineers with both Python chops and real Security experience.

That overlap is rare. Most Python engineers haven’t shipped Security, and most Security maintainers don’t write Python. The people on this list’s contributor graph are the ones who do both.

Refolk turns this list into a search. Ask for Python Security maintainers hiring” or Python engineers shipping Security in 2025” and Refolk returns a ranked shortlist with the commits, profiles, and projects behind each name.

How this list is built

Refolk searched GitHub for public Python repositories tagged with the Security topic, ranked them by stargazer count, and kept those with at least 25 stars. The list refreshes once a day.

Last refreshed: Sun, 21 Jun 2026 08:13:23 GMT

Need a more specific search?

Refolk runs natural-language searches across GitHub, LinkedIn, and the open web. Try one of these:

Related lists

See all repository lists.

Or zoom out