GitHub
github.com › PyCQA › bandit
GitHub - PyCQA/bandit: Bandit is a tool designed to find common security issues in Python code. · GitHub
Bandit is a tool designed to find common security issues in Python code. To do this Bandit processes each file, builds an AST from it, and runs appropriate plugins against the AST nodes.
Starred by 7.9K users
Forked by 748 users
Languages   Python 99.9% | Dockerfile 0.1%
Safety
getsafety.com › home › safety cli
Safety CLI | Open Source Vulnerability Scanner
Safety CLI leverages our proprietary vulnerability database, detecting 4x more security issues than public sources. Every scan is backed by our team of security researchers and AI-powered analysis.
Discussions

🐶 immunipy: Find vulnerable dependencies in your Python projects
This is a nice piece of work and a useful pyoxide example, thanks. But the implementation does not make a lot of sense. And it certainly would not be noticeably faster than a pure Python version using requests to hit the vuln API. I don't get why people insist on mentioning "written in Rust" as if that somehow makes something faster. Rust is not going to make your internet faster.
r/Python, July 29, 2024
Common Python Vulnerabilities

Neat. I wasn't aware of all of these gotchas.

Floating point issues should always be kept in mind for all programming languages. I wish compilers would warn on using == with floats.
r/netsec, September 10, 2016
HOT - Learning Python Web Penetration Testing

You're just sharing Lynda videos everywhere - do you have permission to do so?
r/Python, October 4, 2016
Best Open Source Equivalent to a PCI Approved Scan Vendor?
I think you're misunderstanding what an ASV scan entails; they're not performing web application scans (that would find XSS, SQLi, etc), instead they're performing network vuln scanning. So, you're essentially comparing two types of tools: a "Nessus" type tool and a "WebInspect" type tool. They both have their uses, but the ASV scan that your clients are getting is a "Nessus" type scan, as automated application security scans are not required by any aspect of the PCI-DSS. It may pick off obvious out-of-date versions of service banners, etc, but it's not performing web application vulnerability scans that would go into the detail that would get XSS, etc. The details of approved ASV Scanning tools include that they meet these characteristics (and I quote from the PCI SSC's ASV training material):

- Be non-disruptive
- Perform host discovery
- Perform service discovery
- Perform OS and service fingerprinting
- Have platform independence
- Be accurate
- Account for load balancers
- Perform a scan without interference from an IDS/IPS

So, given that, if you want a free option that your clients can use to simulate what their ASV is doing, I recommend Nessus, although if you're going to be using it for them (and they're paying you to do it) you'd be in violation of their TOS/License Agreement. If you want a WebApp vuln scanner on the cheap, I recommend a tool like NetSparker, which while not perfect, is decent at getting the low hanging fruit. Burp Suite's active scanner can also be pretty good, as long as you use it in tandem with manual testing. Qualifications: I have performed ASV scans for clients, use vuln scanners regularly, have done product comparisons of various webapp vuln scanners.
r/netsec, October 31, 2012
PyPI
pypi.org › project › safety
safety · PyPI
Safety CLI is a Python dependency vulnerability scanner designed to enhance software supply chain security by detecting packages with known vulnerabilities and malicious packages in local development environments, CI/CD, and production systems.
» pip install safety
Published   Nov 06, 2025
Version   3.7.0
GitHub
github.com › psantana5 › vuln-scanner
GitHub - psantana5/vuln-scanner: A python script that checks for many vulnerabilities, such as XSS, SQL Injection, CSRF, etc. · GitHub
The Vulnerability Scanner is a Python-based tool that scans web applications for various vulnerabilities. It leverages the Requests library to interact with the target URLs and identifies potential security weaknesses.
Starred by 32 users
Forked by 9 users
Languages   Python
freeCodeCamp
freecodecamp.org › news › build-a-web-application-security-scanner-with-python
Building a Simple Web Application Security Scanner with Python: A Beginner's Guide
December 12, 2024 - In this article, you are going to learn to create a basic security tool that can be helpful in identifying common vulnerabilities in web applications. I have two goals here. The first is to empower you with the skills to develop tools that can help enhance the overall security posture of your websites. The second is to help you practice some Python programming. In this guide, you will be building a Python-based security scanner that can detect XSS, SQL injection, and sensitive PII (Personally Identifiable Information).
Mohamed Ezzat
mohamedaezzat.github.io › posts › vulnerabilityscanner
Writing a vulnerability scanner using python | Mohamed Ezzat
December 13, 2020 - So, we are going to convert the port scanner program into a class, then import it into our vulnerability scanner program to scan our target, determine the open ports, and discover some of the services running on those ports. Then we create a list of common vulnerable services in a text file to serve as our database, compare the discovered services against that list, and if we find matches, that means we have discovered vulnerable services that can be exploited. Here is the port scanner class, as depicted below. What we just did is define the class name “class portscan()” at the fir
Red Hat
redhat.com › en › blog › find-python-vulnerabilities
How to find third-party vulnerabilities in your Python code
November 20, 2025 - A good project keeps versions up to date when a vulnerability is found, and tools like pip-audit make this job easier. Here's how to use pip-audit to scan your Python project and learn whether any of your third-party libraries have known ...
Snyk
snyk.io › platform › snyk-python-security
Python Security Platform | Snyk
Snyk continuously monitors your apps for vulnerabilities in real time. Apply in-line security fixes in your IDE or merge suggested fix PRs. Snyk supports your favorite Python package managers, frameworks, libraries, and IDEs.
GitHub
github.com › topics › vulnerability-scanners
vulnerability-scanners · GitHub Topics · GitHub
scanner enumeration penetration-testing ... security-scanning ... Safety checks Python dependencies for known security vulnerabilities and suggests the proper remediations for vulnerabilities detected....
PyPI
pypi.org › project › pip-audit
pip-audit · PyPI
A tool for scanning Python environments for known vulnerabilities
» pip install pip-audit
Published   Dec 01, 2025
Version   2.10.0
Safetycli
docs.safetycli.com › safety-docs › safety-cli › scanning-for-vulnerable-and-malicious-packages
Scanning for Vulnerable and Malicious Packages | Safety Documentation
3 weeks ago - Scan your Python project's entire directory for Python package files and Python virtual environments, indexing all the packages found. Conduct a security analysis of these packages against known security vulnerabilities and malicious package lists.
Geekflare
geekflare.com › security › how to find security vulnerabilities in python application?
How to Find Security Vulnerabilities in Python Application?
December 22, 2024 - Furthermore, PyUp maintains a database of vulnerabilities, and to date, it has recorded 472,750 Python dependencies. Its scanners are built for solving complex environments and scanning your files for outdated and insecure requirements.
GuardRails
guardrails.io › languages › python-code-security
Python Code Security Checker | Keep Your Code Safe with GuardRails | GuardRails
Make sure your Python code is safe and secure with GuardRails. Our Python code security checker will help you find and fix any vulnerabilities early.
ZeroThreat
zerothreat.ai › python-vulnerability-scanner
Python Vulnerability Scanner | Python Pentesting Tool
February 7, 2025 - Protect your Python apps from security threats with our Python vulnerability scanner. Enhance your cybersecurity with our automated pentesting capabilities.
Medium
medium.com › @carylrobert16 › how-to-build-a-basic-vulnerability-scanner-in-python-using-apis-for-beginners-1e5c39b29468
How to Build a Basic Vulnerability Scanner in Python Using APIs (For Beginners) | by Carylrobert | Medium
July 26, 2025 - In this guide, we built a basic vulnerability scanner in Python using public APIs. You learned how to: ... This is a great first step in building your own security tools, and learning how professional scanners work.
GitHub
github.com › pokharelshail › python-secure-code-scan
GitHub - pokharelshail/python-secure-code-scan: Python Security Scanner is an open-source tool that scans Python codebases in GitHub repositories and local directories. It uses Bandit to detect security vulnerabilities and checks for exposed secrets in configuration files, providing detailed security reports to help ensure code safety. · GitHub
This project is a Python-based security scanner that works with both GitHub repositories and local directories. Currently, it scans only Python files for vulnerabilities, using Bandit for code analysis and checking for exposed secrets in ...
Starred by 3 users
Forked by 3 users
Languages   Python
Linux Security Expert
linuxsecurity.expert › linux security expert › security tools › python security tools
Python security tools - Linux Security Expert
Another use-case would be to use this tool to analyze existing projects and find possible flaws. ... Python Taint (or PyT) is a static code analyzer for Python scripts and applications. It tries to discover vulnerabilities or other possible ...
Python⇒Speed
pythonspeed.com › articles › docker-python-security-scan
Security scanners for Python and Docker: from code to dependencies
January 30, 2026 - Automated security scanners are handy! Another tool to look at is pysa, which is included in the Pyre type checker. It can trace values as they flow through your code to see if unsafe inputs are reaching particular functions. Your Python application likely depends on many Python libraries; occasionally one of them will have a security vulnerability, and you’ll want to make sure you’re using the fixed version.
Reddit
reddit.com › r/python › 🐶 immunipy: find vulnerable dependencies in your python projects
r/Python on Reddit: 🐶 immunipy: Find vulnerable dependencies in your Python projects
July 29, 2024
What My Project Does

I've created immunipy, a Python SCA tool written in Rust that acts as a watchdog, keeping an eye out for security vulnerabilities and reporting them promptly. immunipy will scan your requirements.txt or poetry.lock files and search for existing vulnerabilities in your dependencies; if any of your dependencies is reported as vulnerable, you will get the information, such as: package, version, fixed version (if it exists), vuln id, aliases and the location.

It's easy to use and is really fast, all the vulnerabilities are reported in real time.

Target Audience

I think that immunipy is useful for every project, especially the production-ready ones, because every time you run it you get an instant scan of your dependencies.

Comparison

It's easy to use: just pip install immunipy and you can run it! Also, you can add it to your CI/CD pipeline and run it regularly, which is useful if you want to keep your projects free of vulnerable dependencies.

GitHub
github.com › topics › security-scanner
security-scanner · GitHub Topics · GitHub
python security penetration-testing infosec security-scanner security-tools default-creds ... A modular vulnerability scanner with automatic report generation capabilities.