mwdb-core
pyc2bytecode
mwdb-core | pyc2bytecode | |
---|---|---|
1 | 1 | |
298 | 128 | |
2.3% | - | |
8.4 | 0.0 | |
9 days ago | 12 months ago | |
Python | Python | |
GNU General Public License v3.0 or later | - |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
mwdb-core
pyc2bytecode
-
PSA: Global QR Code bot could have malware...
I was able to figure out that this is a python program which was compiled to an .exe. Using uncompyle6 and pyc2bytecode, I was able to decompile the .exe into the python bytecode...but I'm no expert at reading python bytecode. If you want to do this yourself, note that you will need to use the same version of python as the version used to make the exe (python 3.9). I did easily by changing the python_version in my Pipfile to 3.9 and using pipenv shell.
What are some alternatives?
karton - Distributed malware processing framework based on Python, Redis and S3.
OneNoteAnalyzer - A C# based tool for analysing malicious OneNote documents
karton-playground
intelmq - IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
toolkit - The essential toolkit for reversing, malware analysis, and cracking
pyWhat - 🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
python-uncompyle6 - A cross-version Python bytecode decompiler
AMAYARA-Lab - The アマヤラ Lab project provides a ready-to-use Jupyter Lab environment to help out with Android malware analysis using YARA rules.
spiderfoot - SpiderFoot automates OSINT for threat intelligence and mapping your attack surface.
pyhidra - Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.
pwndbg - Exploit Development and Reverse Engineering with GDB Made Easy