Checks how vulnerable is a package.
It provides informations to asses if a package is safe enough for the use case.

The tool provides analysis for each line of code too.

A python script to help red teamers discover KeePass instances and extract secrets.

1. use product instead of nested python for-loops
2. use the walrus operator for assignment expressions
3. use ternary conditional operator if the assignment is simple
4. use lambda function to define simple functions
5. use list comprehensions
6. leverage the Higher Order functions of python such as map and other iterable functions.
7. use union operators to merge dictionaries
8. use f-strings to format strings
9. use asteriks for unpacking iterables and destructuring assignment

WebOSINT is a tool that retrieves domain information based on different APIs.

The different APIs used need an account, but there is a free trial.

A small project but cool :D

Automate screenshots of websites with this tool for the command-line interface.

An introduction (fr): https://korben.info/shot-scraper-capturer-site-web.html

An OSINT tool to search fast for accounts by username across 574 sites.

Github: https://github.com/p1ngul1n0/blackbird

mat2 is a metadata removal tool, supporting a wide range of commonly used file formats, written in python3: at its core, it's a library, used by an eponymous command-line interface, as well as several file manager extensions.

Schemathesis is a modern API testing tool for web applications built with Open API and GraphQL specifications.

Doing data analysis by storing the data in an SQLite database.

The documentation can be found on datasette.io

The more I follow the Deno project and its community, the more I think it would be easier to use Typescript and the environment of Deno to write scripts.

Python is not so much robust without types. The amount of time my script logic was correct, but I miss the type of some variable, causing a xx minute time of debugging. The type annotations are currently complex to use and overkill for scripts, where typescript shines.

To test he new "this probably should be an f string" checker, they generated a list of the most popular python repositories on Github by using Github's topic search API [with this script].

With the rule:

GIVEN a string does not have an f prefix
WHEN the string contains {foo}
AND foo is in scope
THEN it’s probably missing an f prefix

And minimizing the false positive such as

• The string is later used in an str.format(…) call or str.format_map(…)
• The string is used in behave style test `@when('{user} accesses {url}.')

Topics:

• Date and time formatting
• Variable names and debugging
• __repr__ and __str__
• Superior performance
• Full power of formatting spec
• Nested F-Strings
• Conditionals formatting
• Lambda expressions

A tool that runs code in a file and replace it with the output.

Ha !

RIIR ou at least in python 3.

Dependency: pygithub3