Top 23 Python Malware Projects
🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.
Project mention: There’s ads when you pause | reddit.com/r/ABoringDystopia | 2023-01-31
The Rogue Access Point Framework
Project mention: Fixing an embedded null character error | reddit.com/r/linuxquestions | 2022-12-29
In an effort to spend less time in front of class fiddling with the command line I tried using WifiPhisher https://github.com/wifiphisher/wifiphisher --- but it randomly crashes with the following error:
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Project mention: How to write malware | reddit.com/r/hacking | 2023-01-21
vx-underground The Zoo
An advanced memory forensics framework
Project mention: memory dump with FTK Imager | reddit.com/r/computerforensics | 2022-12-02
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️
Project mention: Go Library like PyWhat? | reddit.com/r/golang | 2022-10-20
Is there a library written in Go similar to PyWhat? I want to use a subset of the functionality for a simple go program I'm writing. I could just call PyWhat, link to lemmeknow, or even write a simple go implementation myself, but I wanted to ask if there was a pure go implementation. Thanks!
Exploit Development and Reverse Engineering with GDB Made Easy
Project mention: Any tips for newish C debugging please. | reddit.com/r/neovim | 2023-02-01
By far the best debugger for C is gdb+pwndbg (https://github.com/pwndbg/pwndbg)
Malicious traffic detection system
Project mention: Is Maltrait worth the trouble? | reddit.com/r/OPNsenseFirewall | 2022-12-22
Yes, MT had OOM on *BSD because of the python-pcapy module, which is currently unmaintained. So a fork was made and python-pcapy-ng became the actual module for MT, which fixed the OOM, and now MT works OK on the *BSD line:
https://github.com/stamparm/maltrail/issues/19056
https://github.com/stamparm/maltrail/issues/16710
py-pcapy-ng on Fresh Ports: https://www.freshports.org/net/py-pcapy-ng/
Also, the /requirement.txt file was modified for MT to avoid installing python-pcapy instead of python-pcapy-ng: https://github.com/stamparm/maltrail/commit/2aa2da5ba5c332ddd106020290926d1fdfd0f8b2
Despite all this, some mass media keep saying that python-pcapy is required for MT to work. No, just python-pcapy-ng.
"Given everything is now encrypted, does anyone know if it is still effective?" <-- An IDS (MT is the IDS itself) is passive detection; it doesn't provide prevention actions. MT can use a blocking mechanism, which is described for Linux: https://github.com/stamparm/maltrail/wiki/Miscellaneous#1-setting-up-maltrail-as-an-intrusion-prevention-system-ips . If someone can describe a mechanism for MT on the *BSD line, that would be nice. Anyway, I would be thankful if you provided details on the missed ransomware. Perhaps the network IoCs need to be updated, if the ransomware compromise was via the network. Thank you!
"Are the signatures reasonably up to date?" <-- Trying to be up to date: https://github.com/stamparm/maltrail/commits/master
A True Instrumentable Binary Emulation Framework
Project mention: Unicorn Engine problem with map | reddit.com/r/learnprogramming | 2022-11-26
Sounds more like r/ReverseEngineering. If what you want to do is some dynamic analysis or just play around, maybe try using qiling, it's built on top of unicorn and is made by the same authors. It will take care of loading the file for you.
FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.
Project mention: Static Analysis Research - Windows PE | dev.to | 2023-01-06
Recently, I decided to delve a little bit more into static analysis, something beyond just running strings on a binary and getting the ASCII characters that are printable. I decided to take a deep look at how FLOSS is working and possibly recreate some of its functionality in my own tool.
Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest and it is able to scan Android devices against VT.
Volatility 3.0 development
Project mention: How do you fully compile the source code on Debian Linux? | reddit.com/r/de_EDV | 2022-06-21
yarGen is a generator for YARA rules
Project mention: Tasked with building a malware analysis / threat hunting machine . Need feedback | reddit.com/r/cybersecurity | 2022-03-10
Yara rules generator - Generate yara rules based on a set of malware samples, https://github.com/Neo23x0/yarGen
Malware Configuration And Payload Extraction
Project mention: Does anyone installed cuckoo sandbox recently? | reddit.com/r/cybersecurity | 2022-06-16
https://github.com/kevoreilly/CAPEv2 is a more "production ready" solution.
IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.
DRAKVUF Sandbox - automated hypervisor-level malware analysis system
ThePhish: an automated phishing email analysis tool
Project mention: security alerts management | reddit.com/r/msp | 2022-09-15
Python Remote Administration Tool (RAT) to gain meterpreter session
Volatility plugin that extracts configuration data of known malware
The openSquat project is an open-source solution for detecting phishing domains and domain squatting. It searches for newly registered domains that impersonate legitimate domains on a daily basis. This project aims to help protect individuals and organizations from cyber threats by identifying and alerting them to potentially malicious domains.
Project mention: How to find a similar looking domains | reddit.com/r/OSINT | 2022-10-08
The vetting tool 🚀 behind our "dependency firewall" to block malicious/risky open-source packages in your software supply chain
Clusters and elements to attach to MISP events or attributes (like threat actors)
Project mention: Profiling and Tracking Threat Actors | reddit.com/r/OSINT | 2022-09-13
MISP threat actors galaxy may be of interest: https://github.com/MISP/misp-galaxy
Volatility plugins developed and maintained by the community (by volatilityfoundation)
Project mention: Volatility 3 commands and usage tips to get started with memory forensics. Volatility 3 + plugins make it easy to do advanced memory analysis. | reddit.com/r/computerforensics | 2022-02-22
It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any distortion in the JPG file. The JPG file size and payload do not have to be proportional. The JPG file is displayed normally in any viewing application or web application. It can bypass various security programs such as firewall, antivirus. If the file is examined in detail, it is easier to detect than steganograp
Project mention: JPGtoMalware | news.ycombinator.com | 2022-06-02
Python Malware related posts
There’s ads when you pause
1 project | reddit.com/r/ABoringDystopia | 31 Jan 2023
hc-rs: a hosts file creator
2 projects | reddit.com/r/commandline | 29 Jan 2023
Show HN: Coder Guard – Protect Your IDE from Malicious Extensions
1 project | news.ycombinator.com | 26 Jan 2023
How do I scan the models?
1 project | reddit.com/r/StableDiffusion | 24 Jan 2023
How to write malware
2 projects | reddit.com/r/hacking | 21 Jan 2023
Block time wasters permanently on your phone + ad free app experience on Android
1 project | reddit.com/r/lifehacks | 16 Jan 2023
Joel Järvensivu, 24, switched his mobile phone to a retro model and uses a smartphone only when needed – "I realized you don't miss out on anything"
1 project | reddit.com/r/Suomi | 16 Jan 2023
What are some of the best open-source Malware projects in Python? This list will help you: