Top 23 Python Malware Projects

• hosts

  38 25,373 9.5 Python

  🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

  Project mention: Does PiHole block porn? | /r/pihole | 2023-12-06

  Not by default but a blocklist can be found here https://github.com/StevenBlack/hosts

• wifiphisher

  0 12,659 1.3 Python

  The Rogue Access Point Framework

  

• WorkOS

  workos.com

  sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• theZoo

  5 10,654 2.8 Python

  A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

  Project mention: TheZoo a.k.a. Malware DB | news.ycombinator.com | 2023-08-18

• volatility

  1 6,890 0.0 Python

  An advanced memory forensics framework

  

  Project mention: What is the appropriate uncompressed kernel ELF to use with dwarf2json? [ 5.19.0-42-generic #43~22.04.1-Ubuntu ], in order to create generate a custom symbols table to conduct linux memory forensics on Ubuntu 22.04? | /r/computerforensics | 2023-05-28

  I need this to create generate a custom symbols table (using dwarf2json), in order to run a memory dump acquired by Ubuntu 22.04, as Ubuntu 22.04 kernel does not work anymore with volatility 2 (Issue here: volatilityfoundation/volatility#828)

• pyWhat

  0 6,338 0.0 Python

  🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

• maltrail

  1 5,721 10.0 Python

  Malicious traffic detection system

  Project mention: Maltrail: Malicious traffic detection system | /r/selfhosted | 2023-07-05

  I just wanted to tell you about Maltrail (https://github.com/stamparm/maltrail/).

• qiling

  1 4,817 6.2 Python

  A True Instrumentable Binary Emulation Framework

  

  Project mention: Qiling: A True Instrumentable Binary Emulation Framework | news.ycombinator.com | 2024-04-01

• InfluxDB

  www.influxdata.com

  sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• flare-floss

  0 3,000 9.3 Python

  FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

  

• malwoverview

  0 2,693 7.5 Python

  Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.

• volatility3

  1 2,184 9.4 Python

  Volatility 3.0 development

  

  Project mention: Volatility 3 2.4.1 - New Linux and Windows plugins | /r/blueteamsec | 2023-04-22

• APT_REPORT

  0 2,167 9.0 Python

  Interesting APT Report Collection And Some Special IOC

• CAPEv2

  0 1,636 9.9 Python

  Malware Configuration And Payload Extraction

• yarGen

  0 1,444 5.5 Python

  yarGen is a generator for YARA rules

• ThePhish

  9 1,005 0.0 Python

  ThePhish: an automated phishing email analysis tool

  Project mention: How do you deal with phising emails at your company? | /r/cybersecurity | 2023-05-14

• drakvuf-sandbox

  0 979 8.4 Python

  DRAKVUF Sandbox - automated hypervisor-level malware analysis system

  

• intelmq

  0 922 9.1 Python

  IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

  

• empyrean

  0 901 2.6 Python

  Easy to use and open-source stealer that's super effective

• Luna-Grabber

  1 721 7.0 Python

  The best discord token grabber made in python

  Project mention: EMERGENCY~!!!! Have been Doxxed | /r/pchelp | 2023-07-05

  I believe the program is something called Luna Grabber which has the ability to know if it is being used on a VM or not. However, there isn't much data on how to actually remove it from the computer. https://github.com/Smug246/Luna-Grabber

• opensquat

  2 647 6.1 Python

  The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains.

  Project mention: Have I Been Squatted? | news.ycombinator.com | 2023-11-27

  A different solution that runs locally is opensquat.

  https://github.com/atenreiro/opensquat

• packj

  4 612 7.2 Python

  Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain

  

  Project mention: Rust Without Crates.io | news.ycombinator.com | 2023-11-14

  Creator of Packj [1] here. How do you envision sandboxing/security policies will be specified? Per-lib policies when you've hundreds of dependencies will become overwhelming. Having built an eBPF-based sandbox [2], I anticipate that accuracy will be another challenge here: too restrictive will block functionality, too permissive defeats the purpose.

  1. https://github.com/ossillate-inc/packj flags malicious/risky NPM/PyPI/RubyGems/Rust/Maven/PHP packages by carrying out static+dynamic+metadata analysis.

• Python-Rootkit

  0 548 1.8 Python

  Python Remote Administration Tool (RAT) to gain meterpreter session

• misp-galaxy

  1 478 9.8 Python

  Clusters and elements to attach to MISP events or attributes (like threat actors)

  

  Project mention: Foreign Travel Risks | /r/cybersecurity | 2023-04-26

  MISP Threat Actor Galaxy

• MalConfScan

  0 467 3.3 Python

  Volatility plugin for extracts configuration data of known malware

  

• SaaSHub

  www.saashub.com

  sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Python Malware related posts

• Qiling: A True Instrumentable Binary Emulation Framework
  1 project | news.ycombinator.com | 1 Apr 2024
• Does PiHole block porn?
  2 projects | /r/pihole | 6 Dec 2023
• Steven Black DNS blocklist blocked gstatic.com
  2 projects | news.ycombinator.com | 6 Dec 2023
• Big things are happening with RaspAP's Ad Blocking 🛑 Users will soon have more blocklist sources to choose from
  2 projects | /r/RaspAP | 8 Oct 2023
• TheZoo a.k.a. Malware DB
  1 project | news.ycombinator.com | 18 Aug 2023
• I installed Firefox + uBlock Origin like everyone suggested in my previous post, but this pop-up still appears, now with a 5 sec timer.
  1 project | /r/Piracy | 16 Aug 2023
• “We have nothing to do with ads ” (2021)
  1 project | news.ycombinator.com | 26 Jul 2023
• A note from our sponsor - SaaSHub
  www.saashub.com | 16 Apr 2024

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

Do not miss the trending Python projects with our weekly report!