๐ŸŒ
PyPI
pypi.org โ€บ project โ€บ safety
safety ยท PyPI
Leveraging the industry's most comprehensive database of vulnerabilities and malicious packages, Safety CLI Scanner allows teams to detect vulnerabilities at every stage of the software development lifecycle.
      ยป pip install safety
    
Published ย  May 29, 2026
Version ย  3.8.1
๐ŸŒ
Greenbone Community Forum
forum.greenbone.net โ€บ building from source and advanced topics โ€บ greenbone management protocol (gmp)
Vulnerability Scan with Python - Greenbone Management Protocol (GMP) - Greenbone Community Forum
May 2, 2024 - Good afternoom, how are you? I need to create an script in Python for deploy vulnerabilities scans in OpenVas, but i look in the API and i not find any that help me. Somebody can i help me?
Discussions

Pyscan: A command-line tool to detect security issues in your python dependencies.
Where do the vulnerabilities get picked up from ? More on reddit.com
๐ŸŒ r/Python
15
50
October 15, 2023
๐Ÿถ immunipy: Find vulnerable dependencies in your Python projects
This is a nice piece of work and a useful pyoxide example, thanks. But the implementation does not make a lot of sense. And it certainly would not be noticeably faster than a pure python version using requests to hit the vuln api. I don't get why people insist on mentioning "written in rust" as that somehow makes something faster. rust is not going to make your internet faster. More on reddit.com
๐ŸŒ r/Python
9
27
July 29, 2024
Developer Edition Injection Vulnerability Scanning with the Python Psycopg2 Library
According to the documentation, the Python libraries Flask and Django are supported by the injection vulnerability scanner. I believe Psycopg2 is used by Django underneath and has essentially the same syntax. Does SonarQube support scanning for injection vulnerabilities when using the Psycopg2 ... More on community.sonarsource.com
๐ŸŒ community.sonarsource.com
16
0
February 4, 2021
Common Python Vulnerabilities

Neat. I wasn't aware of all of these gotchas.

Floating point issues should always be kept in mind for all programming languages. I wish compilers would warn on using == with floats.

More on reddit.com
๐ŸŒ r/netsec
13
166
September 10, 2016
๐ŸŒ
Red Hat
redhat.com โ€บ en โ€บ blog โ€บ find-python-vulnerabilities
How to find third-party vulnerabilities in your Python code
November 20, 2025 - A good project keeps versions up to date when a vulnerability is found, and tools like pip-audit make this job easier. Here's how to use pip-audit to scan your Python project and learn whether any of your third-party libraries have known ...
๐ŸŒ
GitHub
github.com โ€บ psantana5 โ€บ vuln-scanner
GitHub - psantana5/vuln-scanner: A python script that checks for many vulnerabilities, such as XSS, SQL Injection, CSRF, etc. ยท GitHub
A python script that checks for many vulnerabilities, such as XSS, SQL Injection, CSRF, etc. - psantana5/vuln-scanner
Starred by 33 users
Forked by 9 users
Languages ย  Python
๐ŸŒ
Reddit
reddit.com โ€บ r/python โ€บ pyscan: a command-line tool to detect security issues in your python dependencies.
r/Python on Reddit: Pyscan: A command-line tool to detect security issues in your python dependencies.
October 15, 2023 -

pyscan v0.1.6 | Github

  • can be used within large projects.

  • automatically finds dependencies either from configuration files or within source code.

  • support for poetry,hatch,filt,pdm and can be integrated into existing build processes.

  • hasn't been battle-hardened yet. PRs and issue makers welcome.

Install

pip install pyscan-rs

or

cargo install pyscan

Usage

Go to your project directory and run:

pyscan

or

pyscan -d path/to/src

I posted here about 5 months ago regarding pyscan's release, its been improving ever since but its still not there yet. It is a dependency vulnerability scanner at the moment but i'd like to expand this tool so that it could make PyPI's ecosystem a little less scary and let developers download packages without worrying about supply-chain issues. Grateful for all the support so far from the Python community.

๐ŸŒ
Safety
getsafety.com โ€บ home โ€บ safety cli
Safety CLI | Open Source Vulnerability Scanner
Detect and fix vulnerable dependencies with the most comprehensive Python, Java, and JavaScript security scanner.
๐ŸŒ
Mohamed Ezzat
mohamedaezzat.github.io โ€บ posts โ€บ vulnerabilityscanner
Writing a vulnerability scanner using python | Mohamed Ezzat
December 13, 2020 - So, we are going to convert the port scanner program into a class then import it into our vulnerability scanner program to scan our target then determine the open ports and discover some of services that are running over these open ports then we are going to create a list of common vulnerable services in a text file as our database to compare our discovered services with that list and if we find matches that means we discovered vulnerable services that can be exploited. Here is a port scanner class as depicted below. what we just did is defining the class name โ€œclass portscan()โ€ at the fir
Find elsewhere
๐ŸŒ
Aikido
aikido.dev โ€บ home โ€บ articles โ€บ top python security tools
Top Python Security Tools for Safe Python Development
December 10, 2025 - See the best Python security tools to scan packages, lint code, find vulnerabilities and protect your Python applications from common attacks.
๐ŸŒ
PyPI
pypi.org โ€บ project โ€บ pip-audit
pip-audit ยท PyPI
A tool for scanning Python environments for known vulnerabilities
      ยป pip install pip-audit
    
Published ย  Jun 10, 2026
Version ย  2.10.1
๐ŸŒ
Medium
medium.com โ€บ @carylrobert16 โ€บ how-to-build-a-basic-vulnerability-scanner-in-python-using-apis-for-beginners-1e5c39b29468
How to Build a Basic Vulnerability Scanner in Python Using APIs (For Beginners) | by Carylrobert | Medium
July 26, 2025 - Youโ€™ve probably used tools like Nessus, OpenVAS, or Nmap โ€” but have you ever wondered how to build your own vulnerability scanner? The good news is: you can, and itโ€™s easier than you think. In this guide, weโ€™ll walk through building a simple Python vulnerability scanner using public vulnerability APIs.
๐ŸŒ
freeCodeCamp
freecodecamp.org โ€บ news โ€บ build-a-web-application-security-scanner-with-python
Building a Simple Web Application Security Scanner with Python: A Beginner's Guide
December 12, 2024 - In this article, you are going to learn to create a basic security tool that can be helpful in identifying common vulnerabilities in web applications. I have two goals here. The first is to empower you with the skills to develop tools that can help enhance the overall security posture of your websites. The second is to help you practice some Python programming. In this guide, you will be building a Python-based security scanner that can detect XSS, SQL injection, and sensitive PII (Personally Identifiable Information).
๐ŸŒ
Reddit
reddit.com โ€บ r/python โ€บ ๐Ÿถ immunipy: find vulnerable dependencies in your python projects
r/Python on Reddit: ๐Ÿถ immunipy: Find vulnerable dependencies in your Python projects
July 29, 2024 -

What My Project Does

I've created immunipy a Python SCA tool that acts as a watchdog, keeping an eye out for security vulnerabilities and reporting them promptly, written in Rust. immunipy will scan your requirements.txt or poetry.lock files and search for existing vulnerabilities in your dependencies, if any of your dependencies is reported as vulnerable then you will get the information, such as: package, version, fixed version (if exists), vuln id, aliases and the location.

It's easy to use and is really fast, all the vulnerabilities are reported in real time.

Target Audience

I think that immunipy is useful for every project, specially the production ready ones, due that every time that you run it you will get an instant scan of your dependencies.

Comparison

It's easy to use, just pip install immunipy and you can run it! Also, you can add it in your CI/CD pipeline and run it regularly, this is useful if you want to keep your projects free of vulnerable dependencies.

๐ŸŒ
Medium
medium.com โ€บ @rajkumarkumawat โ€บ i-built-an-ai-powered-network-vulnerability-scanner-using-python-nmap-cve-a-local-llm-211f261f8625
๐Ÿค– I Built an AI-Powered Network Vulnerability Scanner Using Python, Nmap, CVE & a Local LLM | by Rajkumar Kumawat | Medium
July 18, 2025 - It scans a target IP, detects open ports and services, matches CVEs from the National Vulnerability Database (NVD), and then uses a local LLM via Ollama to generate remediation suggestions โ€” all offline. Cybersecurity tools are either too simple or too bloated. I wanted something: ... โœ… Nmap-based port + version detection โœ… CVE matching from the NVD (offline-supported) โœ… Integration with a local LLM (like Mistral or LLaMA3) via Ollama โœ… Markdown report generation โœ… Clean CLI interface โœ… Fully Python-based and modular
๐ŸŒ
Snyk
snyk.io โ€บ platform โ€บ snyk-python-security
Python Security Platform | Snyk
Snyk continuously monitors your apps for vulnerabilities in real time. Apply in-line security fixes in your IDE or merge suggested fix PRs. Snyk supports your favorite Python package managers, frameworks, libraries, and IDEs.
๐ŸŒ
Sonar Community
community.sonarsource.com โ€บ sonarqube server / community build
Developer Edition Injection Vulnerability Scanning with the Python Psycopg2 Library - SonarQube Server / Community Build - Sonar Community
February 4, 2021 - According to the documentation, the Python libraries Flask and Django are supported by the injection vulnerability scanner. I believe Psycopg2 is used by Django underneath and has essentially the same syntax. Does SonarQube support scanning for injection vulnerabilities when using the Psycopg2 ...
๐ŸŒ
IEEE Xplore
ieeexplore.ieee.org โ€บ document โ€บ 9718899
Design and Implementation of High-performance Web Vulnerability Scanner Based on Python Intelligent Crawler | IEEE Conference Publication | IEEE Xplore
With the rapid development of the Internet, Web security issues have become more and more prominent. A series of problems exist on Web vulnerability scanners in the market such as insufficient scanning accuracy, large software, low scalability and so on. Therefore,this article written on the ...
๐ŸŒ
Safety
getsafety.com
Safety - The AI Development Security Platform
Unlike other scanners that rely on public feeds such as the NVD or GitHub Security Advisories, Safety goes to the source โ€” analyzing every software package release to find vulnerabilities and malicious behavior not reported to public feeds.
๐ŸŒ
GitHub
github.com โ€บ ohaswin โ€บ pyscan
GitHub - ohaswin/pyscan: python dependency vulnerability scanner, written in Rust. ยท GitHub
Pyscan is a highly concurrent vulnerability scanner written in Rust. It automatically traverses your Python project, extracts dependencies across various packaging formats, and cross-references them against the Open Source Vulnerabilities (OSV) ...
Starred by 251 users
Forked by 9 users
Languages ย  Rust 76.8% | Shell 12.4% | JavaScript 10.1% | Python 0.7%
๐ŸŒ
ZeroThreat
zerothreat.ai โ€บ python-vulnerability-scanner
Python Vulnerability Scanner | Python Pentesting Tool
February 7, 2025 - Our Python scanning tool eliminates complex security threats by uncovering vulnerabilities with 99.9% accuracy and offering detailed test results.
๐ŸŒ
Armur AI
armur.ai โ€บ python
Python Security Scanner | Code Security Checking for Python
Find vulnerabilities in your Python code with our Python Vulnerability Scanner. Static Source Code Analysis for Python Code Security.