Skip to content
Go to file

Latest commit


Git stats


Failed to load latest commit information.
Latest commit message
Commit time

Join the chat at Known Vulnerabilities SonarCloud Build Status Codacy Badge Rawsec's CyberSecurity Inventory


PatrOwl is a scalable, free and open-source solution for orchestrating Security Operations.
PatrowlManager is the Front-end application for managing the assets, reviewing risks on real-time, orchestrating the operations (scans, searches, API calls, ...), aggregating the results, relaying alerts on third parties (ex: Incident Response platform like TheHive, Splunk, ...) and providing the reports and dashboards. Operations are performed by the PatrowlEngines instances. Don't forget to install and deploy them ;)

Project pitch desk

PatrOwl Pitch Desk

Try it now!

To try PatrOwl, install it by reading the Installation Guide and the User Guide.


Fully-Developed in Python, PatrOwl is composed of a Front-end application PatrowlManager (Django) communicating with one or multiple PatrowlEngines micro-applications (Flask) which perform the scans, analyze the results and format them in a normalized way. It remains incredibly easy to customize all components. Asynchronous tasks and engine scalability are supported by RabbitMQ and Celery. Architecture
The PatrowlManager application is reachable using the embedded WEB interface or using the JSON-API. PatrowlEngines are only available through generic JSON-API calls (see Documentation).


PatrOwl is an open source and free software released under the AGPL (Affero General Public License). We are committed to ensure that PatrOwl will remain a free and open source project on the long-run.


Information, news and updates are regularly posted on Twitter account and on the blog.


Please see our Code of conduct. We welcome your contributions. Please feel free to fork the code, play with it, make some patches and send us pull requests via issues.


  • Enhance finding states management
  • Support scan campaigns (multiple scan definition)
  • Support cache
  • Refactor static files (remove unused ?)

Follow our public roadmap on Trello here


Please open an issue on GitHub if you'd like to report a bug or request a feature. We are also available on Gitter to help you out.

If you need to contact the project team, send an email to

Pro Edition and SaaS

A commercial Pro Edition is available and officially supported by the PatrOwl company. It includes following extra and awesome features:

  • Advanced user management
  • RBAC: Multiple roles are supported to restrict users privileges on features
  • Multi-tenancy: assets and scans results can be shared with user teams
  • 3rd party authentication: Azure Active Directory, ADFS (Windows 2012 and 2016), LDAP
  • Terraform+Ansible deployment scripts
  • Pro Engines including: ZAP, Nikto, Microsoft Cloud App Security, CloudSploit and Onyphe
  • Pro Support
  • Autonomous asset discovery (in progress, planned to Q3 2020)
  • Vulnerability prioritization (in progress, planned to Q3 2020)
  • Ticketing system integration, including JIRA, ServiceNow, ZenDesk and GLPI (in progress, planned to Q4 2020)

This version is also available on the official SaaS platform. See:

Commercial Services

Looking for advanced support, training, integration, custom developments, dual-licensing ? Contact us at

Security contact

Please disclose any security-related issues or vulnerabilities by emailing, instead of using the public issue tracker.


Copyright (C) 2018-2020 Nicolas MATTIOCCO (@MaKyOtOx -

Travis build status

Branch Status
master Build Status
develop Build Status
You can’t perform that action at this time.