Python Malware

Open-source Python projects categorized as Malware | Edit details

Top 22 Python Malware Projects

  • GitHub repo hosts

    🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

    Project mention: Can you make MIUI private? (Xiaomi OS) | | 2022-01-20

    Your device is haydn, right? Maybe try xiaomi eu rom, it should be less bloated so less telemetry but yeah it is still based on same chinese source. Install adaway on top of that with this list.

  • GitHub repo wifiphisher

    The Rogue Access Point Framework

    Project mention: Create a Wi-Fi hotspot for data interception | | 2021-02-10

    You could do almost the same thing with this, it's a great tool to clone a wifi asking you the password while disauth the original hostpot.

  • OPS

    OPS - Build and Run Open Source Unikernels. Quickly and easily build and deploy open source unikernels in tens of seconds. Deploy in any language to any cloud.

  • GitHub repo theZoo

    A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

    Project mention: accounts had unauthorized withdrawals | | 2022-01-20

    That's a pretty funny definition of "legitimate". By that standard, all of this malware is legitimate too!

  • GitHub repo volatility

    An advanced memory forensics framework

    Project mention: Linux newbie question | | 2021-11-18

    The problem: I need to install volatility memory forensics tool. I used a recommended link from the course. Then I used terminal to install the tool with:

  • GitHub repo pyWhat

    🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

    Project mention: Tips for Making a Popular Open-Source Project in 2021 [Ultimate Guide] | | 2021-11-12
  • GitHub repo maltrail

    Malicious traffic detection system

    Project mention: How do you run self-hosted software? | | 2021-02-15

    last docker discovery : maltrail ( , about to be moved from VM to docker)

  • GitHub repo pwndbg

    Exploit Development and Reverse Engineering with GDB Made Easy

    Project mention: Awesome CTF : Top Learning Resource Labs | | 2021-11-13

    Pwndbg - A GDB plugin that provides a suite of utilities to hack around GDB easily.

  • SonarLint

    Deliver Cleaner and Safer Code - Right in Your IDE of Choice!. SonarLint is a free and open source IDE extension that identifies and catches bugs and vulnerabilities as you code, directly in the IDE. Install from your favorite IDE marketplace today.

  • GitHub repo qiling

    Qiling Advanced Binary Emulation Framework

    Project mention: Qiling – Advanced Binary Emulation Framework | | 2022-01-20
  • GitHub repo malwoverview

    Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, ThreatCrowd, Valhalla, Malware Bazaar, ThreatFox, Triage and it is able to scan Android devices against VT and HA.

    Project mention: Malwoverview 4.3: support for Malware Bazaar and ThreatFox has been included | | 2021-03-10
  • GitHub repo intelmq

    IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

    Project mention: What are your favorite open-sources tools? | | 2021-10-15


  • GitHub repo drakvuf-sandbox

    DRAKVUF Sandbox - automated hypervisor-level malware analysis system

    Project mention: Want to setup a malware analysis Sandbox on Windows 10. Almost giving up... | | 2021-07-21

    Why not have a look at DRAKVUF? Supports W10 2004 guests:

  • GitHub repo Python-Rootkit

    Python Remote Administration Tool (RAT) to gain meterpreter session

    Project mention: What programming languages should I learn to become a successful pentester? | | 2021-08-12
  • GitHub repo MalConfScan

    Volatility plugin for extracts configuration data of known malware

    Project mention: JPCERTCC/MalConfScan - Volatility plugin for extracts configuration data of known malware | | 2021-04-27
  • GitHub repo misp-galaxy

    Clusters and elements to attach to MISP events or attributes (like threat actors)

    Project mention: Learning about apt groups | | 2022-01-14 this is a solid source. If you want to see the MISP list of threat actors from their service you can look here . The painful thing about this topic is every security vendor has a different naming convention for the threat actors in question.

  • GitHub repo ThePhish

    ThePhish: an automated phishing email analysis tool

    Project mention: ThePhish: an automated phishing email analysis tool | | 2022-01-12

    Here is the repo:

  • GitHub repo teleRAT

    Telegram RAT written in Python

    Project mention: teleRAT: #Telegram #RAT escrito en #Python 🐱‍👤 | | 2021-03-21
  • GitHub repo aurora

    Malware similarity platform with modularity in mind. (by W3ndige)

    Project mention: Aurora: an open source Automated malware similarity platform with modularity in mind. | | 2021-06-06
  • GitHub repo impfuzzy

    Fuzzy Hash calculated from import API of PE files

    Project mention: Where do you get old versions of Visual C++? | | 2021-04-25

    I want to use this plugin so I try to install its required module, which fails (whether using 'pip' or '') for the same reason as distorm3. The installation of ssdeep as required by pyimpfuzzy also fails, but for a different reason that I haven't started looking into yet.

  • GitHub repo Lazarus-research

    Lazarus analysis tools and research report

    Project mention: JPCERTCC/Lazarus-research: Lazarus analysis tools and research report | | 2021-11-27
  • GitHub repo apooxml

    Generate YARA rules for OOXML documents.

    Project mention: Generate YARA rules for OOXML documents | | 2021-08-18
  • GitHub repo Backdoorcreator

    Exploit toolkit

    Project mention: Backdoorcreator: Esta herramienta creará una puerta trasera y escuchará las conexiones entrantes 🟣 | | 2021-08-08
  • GitHub repo centaur.04

    Lightweight malware analysis tool

    Project mention: Malware analysis tool | | 2021-08-18

    Centaur.04 is a malware analysis tool written in python. It uses the virus Total API to scan for malware using over 50 antivirus databases. Centaur.04 source code

NOTE: The open source projects on this list are ordered by number of github stars. The number of mentions indicates repo mentiontions in the last 12 Months or since we started tracking (Dec 2020). The latest post mention was on 2022-01-20.

Python Malware related posts


What are some of the best open-source Malware projects in Python? This list will help you:

Project Stars
1 hosts 19,762
2 wifiphisher 10,418
3 theZoo 7,962
4 volatility 5,095
5 pyWhat 4,990
6 maltrail 4,335
7 pwndbg 4,247
8 qiling 3,070
9 malwoverview 1,641
10 intelmq 711
11 drakvuf-sandbox 558
12 Python-Rootkit 401
13 MalConfScan 376
14 misp-galaxy 338
15 ThePhish 328
16 teleRAT 85
17 aurora 71
18 impfuzzy 65
19 Lazarus-research 41
20 apooxml 33
21 Backdoorcreator 29
22 centaur.04 5
Find remote jobs at our new job board There are 29 new remote jobs listed recently.
Are you hiring? Post a new remote job listing for free.
Less time debugging, more time building
Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.