Top 22 Python Malware Projects

• hosts

  120 19,762 9.4 Python

  🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

  Project mention: Can you make MIUI private? (Xiaomi OS) | reddit.com/r/privacy | 2022-01-20

  Your device is haydn, right? Maybe try xiaomi eu rom, it should be less bloated so less telemetry but yeah it is still based on same chinese source. Install adaway on top of that with this list.

• wifiphisher

  1 10,418 2.8 Python

  The Rogue Access Point Framework

  

  Project mention: Create a Wi-Fi hotspot for data interception | reddit.com/r/Hacking_Tutorials | 2021-02-10

  You could do almost the same thing with this https://github.com/wifiphisher/wifiphisher, it's a great tool to clone a wifi asking you the password while disauth the original hostpot.

• OPS

  github.com/nanovms

  sponsored

  OPS - Build and Run Open Source Unikernels. Quickly and easily build and deploy open source unikernels in tens of seconds. Deploy in any language to any cloud.

  

• theZoo

  30 7,962 3.5 Python

  A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

  Project mention: Crypto.com accounts had unauthorized withdrawals | news.ycombinator.com | 2022-01-20

  That's a pretty funny definition of "legitimate". By that standard, all of this malware is legitimate too! https://github.com/ytisf/theZoo

• volatility

  7 5,095 0.0 Python

  An advanced memory forensics framework

  

  Project mention: Linux newbie question | reddit.com/r/linuxquestions | 2021-11-18

  The problem: I need to install volatility memory forensics tool. I used a recommended link from the course. https://github.com/volatilityfoundation/volatility/wiki/Installation. Then I used terminal to install the tool with:

• pyWhat

  11 4,990 9.6 Python

  🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

  Project mention: Tips for Making a Popular Open-Source Project in 2021 [Ultimate Guide] | news.ycombinator.com | 2021-11-12

• maltrail

  1 4,335 10.0 Python

  Malicious traffic detection system

  Project mention: How do you run self-hosted software? | reddit.com/r/selfhosted | 2021-02-15

  last docker discovery : maltrail (https://github.com/stamparm/maltrail , about to be moved from VM to docker)

• pwndbg

  3 4,247 8.7 Python

  Exploit Development and Reverse Engineering with GDB Made Easy

  

  Project mention: Awesome CTF : Top Learning Resource Labs | reddit.com/r/TutorialBoy | 2021-11-13

  Pwndbg - A GDB plugin that provides a suite of utilities to hack around GDB easily.

• SonarLint

  www.sonarlint.org

  sponsored

  Deliver Cleaner and Safer Code - Right in Your IDE of Choice!. SonarLint is a free and open source IDE extension that identifies and catches bugs and vulnerabilities as you code, directly in the IDE. Install from your favorite IDE marketplace today.

  

• qiling

  5 3,070 9.7 Python

  Qiling Advanced Binary Emulation Framework

  

  Project mention: Qiling – Advanced Binary Emulation Framework | news.ycombinator.com | 2022-01-20

• malwoverview

  3 1,641 4.5 Python

  Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, ThreatCrowd, Valhalla, Malware Bazaar, ThreatFox, Triage and it is able to scan Android devices against VT and HA.

  Project mention: Malwoverview 4.3: support for Malware Bazaar and ThreatFox has been included | reddit.com/r/purpleteamsec | 2021-03-10

• intelmq

  3 711 9.6 Python

  IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

  

  Project mention: What are your favorite open-sources tools? | reddit.com/r/blueteamsec | 2021-10-15

  IntelMQ

• drakvuf-sandbox

  2 558 8.7 Python

  DRAKVUF Sandbox - automated hypervisor-level malware analysis system

  

  Project mention: Want to setup a malware analysis Sandbox on Windows 10. Almost giving up... | reddit.com/r/cybersecurity | 2021-07-21

  Why not have a look at DRAKVUF? Supports W10 2004 guests: https://github.com/CERT-Polska/drakvuf-sandbox

• Python-Rootkit

  2 401 0.0 Python

  Python Remote Administration Tool (RAT) to gain meterpreter session

  Project mention: What programming languages should I learn to become a successful pentester? | reddit.com/r/HowToHack | 2021-08-12

• MalConfScan

  1 376 1.9 Python

  Volatility plugin for extracts configuration data of known malware

  

  Project mention: JPCERTCC/MalConfScan - Volatility plugin for extracts configuration data of known malware | reddit.com/r/GithubSecurityTools | 2021-04-27

• misp-galaxy

  1 338 8.6 Python

  Clusters and elements to attach to MISP events or attributes (like threat actors)

  

  Project mention: Learning about apt groups | reddit.com/r/threatintel | 2022-01-14

  https://attack.mitre.org/groups/ this is a solid source. If you want to see the MISP list of threat actors from their service you can look here https://github.com/MISP/misp-galaxy/blob/main/clusters/threat-actor.json . The painful thing about this topic is every security vendor has a different naming convention for the threat actors in question.

• ThePhish

  5 328 2.3 Python

  ThePhish: an automated phishing email analysis tool

  Project mention: ThePhish: an automated phishing email analysis tool | reddit.com/r/hackersec | 2022-01-12

  Here is the repo: https://github.com/emalderson/ThePhish

• teleRAT

  6 85 1.8 Python

  Telegram RAT written in Python

  Project mention: teleRAT: #Telegram #RAT escrito en #Python 🐱‍👤 | reddit.com/r/u_esgeeks | 2021-03-21

• aurora

  1 71 6.4 Python

  Malware similarity platform with modularity in mind. (by W3ndige)

  Project mention: Aurora: an open source Automated malware similarity platform with modularity in mind. | reddit.com/r/blueteamsec | 2021-06-06

• impfuzzy

  1 65 0.6 Python

  Fuzzy Hash calculated from import API of PE files

  

  Project mention: Where do you get old versions of Visual C++? | reddit.com/r/learnpython | 2021-04-25

  I want to use this plugin so I try to install its required module, which fails (whether using 'pip' or 'setup.py') for the same reason as distorm3. The installation of ssdeep as required by pyimpfuzzy also fails, but for a different reason that I haven't started looking into yet.

• Lazarus-research

  1 41 4.3 Python

  Lazarus analysis tools and research report

  

  Project mention: JPCERTCC/Lazarus-research: Lazarus analysis tools and research report | reddit.com/r/blueteamsec | 2021-11-27

• apooxml

  1 33 2.8 Python

  Generate YARA rules for OOXML documents.

  

  Project mention: Generate YARA rules for OOXML documents | reddit.com/r/purpleteamsec | 2021-08-18

• Backdoorcreator

  1 29 1.1 Python

  Exploit toolkit

  Project mention: Backdoorcreator: Esta herramienta creará una puerta trasera y escuchará las conexiones entrantes 🟣 | reddit.com/r/u_esgeeks | 2021-08-08

• centaur.04

  2 5 7.9 Python

  Lightweight malware analysis tool

  Project mention: Malware analysis tool | reddit.com/r/Python | 2021-08-18

  Centaur.04 is a malware analysis tool written in python. It uses the virus Total API to scan for malware using over 50 antivirus databases. Centaur.04 source code

Python Malware related posts

• Can you make MIUI private? (Xiaomi OS)
  1 project | reddit.com/r/privacy | 20 Jan 2022
• Qiling – Advanced Binary Emulation Framework
  1 project | news.ycombinator.com | 20 Jan 2022
• Python and C++ Hacking Projects
  1 project | reddit.com/r/AskNetsec | 18 Jan 2022
• Cutting specific pieces from a text file
  1 project | reddit.com/r/bash | 12 Jan 2022
• ThePhish: an automated phishing email analysis tool
  1 project | reddit.com/r/hackersec | 12 Jan 2022
• ThePhish: an automated phishing email analysis tool
  1 project | reddit.com/r/Information_Security | 12 Jan 2022
• ThePhish is an open-source tool that automates the entire phishing email analysis process starting from the extraction of the observables from the header and the body of an email to the elaboration of a verdict which is final in most cases. It is based on TheHive, Cortex and MISP.
  1 project | reddit.com/r/netsec | 12 Jan 2022

Index

Sponsored

Less time debugging, more time building

Scout APM allows you to find and fix performance issues with no hassle. Now with error monitoring and external services monitoring, Scout is a developer's best friend when it comes to application development.

scoutapm.com

Get the trending Python projects
with our weekly report!
» Subscribe «