Top 23 Python Malware Projects

Malware

• Add a project

1. hosts

   1 313 27,678 9.5 Python

   🔒 Consolidating and extending hosts files from several well-curated sources. Optionally pick extensions for porn, social media, and other categories.

   

   Project mention: uBlock Origin is no longer available on the Chrome Store | news.ycombinator.com | 2025-03-10

   uBlock Origin still works in Firefox. https://addons.mozilla.org/en-US/firefox/addon/ublock-origin...

   And you can, I believe, still just modify your hosts table to block out ads in Chrome. https://github.com/StevenBlack/hosts

   Or your router's DNS using something like NextDNS. https://nextdns.io/

   Ads suck. Support content where you can, but even when you pay they still serve ads / tracking scripts. So fuck 'em. Block all the ads.

2. CodeRabbit

   coderabbit.ai featured

   CodeRabbit: AI Code Reviews for Developers. Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

   

3. wifiphisher

   2 5 13,633 2.1 Python

   The Rogue Access Point Framework

   

4. theZoo

   3 66 11,667 2.5 Python

   A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

   

   Project mention: Malware Analysis: CryptoLocker | dev.to | 2024-12-29

   The analyzed sample is provided within this folder, the password for the zip file is infected. This sample was taken from theZoo Repository.

5. volatility

   4 19 7,571 0.0 Python

   An advanced memory forensics framework

   

   Project mention: 💀 Insomni'hack 2025 CTF write-up | dev.to | 2025-03-17

   We were given a quite big 20250312.mem file. Looking at the name of the challenge and the size of the file, it was clear it was required to use volatility.

6. maltrail

   5 5 6,794 10.0 Python

   Malicious traffic detection system

   

7. pyWhat

   6 17 6,768 0.0 Python

   🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

   

   Project mention: pyWhat VS binwalk - a user suggested alternative | libhunt.com/r/pyWhat | 2024-07-19

8. qiling

   7 10 5,312 0.0 Python

   A True Instrumentable Binary Emulation Framework

   

   Project mention: Qiling: A True Instrumentable Binary Emulation Framework | news.ycombinator.com | 2024-04-01

9. SaaSHub

   www.saashub.com featured

   SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

   

10. flare-floss

    8 4 3,449 8.4 Python

    FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

    

11. malwoverview

    9 3 3,114 7.9 Python

    Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest, VxExchange and IPInfo, and it is also able to scan Android devices against VT.

    

12. volatility3

    10 8 2,938 9.9 Python

    Volatility 3.0 development

    

    Project mention: Memory Dump Analysis | Kali Linux | dev.to | 2024-09-17

    Clone the Volatility 3 repository: > git clone https://github.com/volatilityfoundation/volatility3.git

13. APT_REPORT

    11 4 2,514 9.1 Python

    Interesting APT Report Collection And Some Special IOC

    

14. CAPEv2

    12 5 2,247 9.8 Python

    Malware Configuration And Payload Extraction

    

15. yarGen

    13 1 1,615 4.2 Python

    yarGen is a generator for YARA rules

    

16. ThePhish

    14 17 1,196 4.6 Python

    ThePhish: an automated phishing email analysis tool

    

17. drakvuf-sandbox

    15 2 1,105 8.2 Python

    DRAKVUF Sandbox - automated hypervisor-level malware analysis system

    

18. intelmq

    16 3 999 8.7 Python

    IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

    

19. opensquat

    17 5 767 3.6 Python

    The openSquat is an open-source tool for detecting domain look-alikes by searching for newly registered domains that might be impersonating legit domains and brands.

    

20. packj

    18 39 661 7.2 Python

    Packj stops :zap: Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain

    

    Project mention: A Study of Malware Prevention in Linux Distributions | news.ycombinator.com | 2024-11-21

    Good to see Packj[1] as one of the malware scanners used.

    1. https://github.com/ossillate-inc/packj

    Packj detects malicious PyPI/NPM/Ruby/PHP/etc. dependencies using behavioral analysis. It uses static+dynamic code analysis to scan for indicators of compromise (e.g., spawning of shell, use of SSH keys, network communication, use of decode+eval, etc). It also checks for several metadata attributes to detect bad actors (e.g., typo squatting).

21. Python-Rootkit

    19 2 603 0.8 Python

    Python Remote Administration Tool (RAT) to gain meterpreter session

    

22. misp-galaxy

    20 4 557 9.6 Python

    Clusters and elements to attach to MISP events or attributes (like threat actors)

    

    Project mention: MISP galaxy – cybersecurity and other related knowledge base | news.ycombinator.com | 2024-05-20

23. MalConfScan

    21 1 483 3.3 Python

    Volatility plugin for extracts configuration data of known malware

    

24. gmailc2

    22 1 466 2.5 Python

    A Fully Undetectable C2 Server That Communicates Via Google SMTP to evade Antivirus Protections and Network Traffic Restrictions

    

25. Safe-and-Stable-Ckpt2Safetensors-Conversion-Tool-GUI

    23 24 446 0.8 Python

    Convert your Stable Diffusion checkpoints quickly and easily.

    

26. SaaSHub

    www.saashub.com featured

    SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

    

Python Malware related posts

• 💀 Insomni'hack 2025 CTF write-up

  1 project | dev.to | 17 Mar 2025

• Malware Analysis: CryptoLocker

  1 project | dev.to | 29 Dec 2024

• Tell HN: I just updated my wife's Chrome, and uBlock is no longer supported

  5 projects | news.ycombinator.com | 25 Dec 2024

• A Study of Malware Prevention in Linux Distributions

  1 project | news.ycombinator.com | 21 Nov 2024

• pyWhat VS binwalk - a user suggested alternative

  2 projects | 19 Jul 2024

• Cyber Scarecrow, making your computer look 'scary' to malware

  7 projects | news.ycombinator.com | 18 Jun 2024

• Qiling: A True Instrumentable Binary Emulation Framework

  1 project | news.ycombinator.com | 1 Apr 2024
• A note from our sponsor - SaaSHub
  www.saashub.com | 18 Mar 2025

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

CodeRabbit: AI Code Reviews for Developers

Revolutionize your code reviews with AI. CodeRabbit offers PR summaries, code walkthroughs, 1-click suggestions, and AST-based analysis. Boost productivity and code quality across all major languages with each PR.

coderabbit.ai

Do not miss the trending Python projects with our weekly report!