Python malware-analysis

Open-source Python projects categorized as malware-analysis

Top 23 Python malware-analysis Projects

  1. theZoo

    A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

    Project mention: Malware Analysis: CryptoLocker | dev.to | 2024-12-29

    The analyzed sample is provided within this folder, the password for the zip file is infected. This sample was taken from theZoo Repository.

  3. pwndbg

    Exploit Development and Reverse Engineering with GDB & LLDB Made Easy

    Project mention: Pleasant Debugging with GDB and DDD | news.ycombinator.com | 2024-11-16

    It's written for exploit development, but even for debugging a C program. It makes things a lot nicer.

    https://pwndbg.re/

  4. gef

    GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Linux

    Project mention: Bit Vectors and my first steps into assembly | news.ycombinator.com | 2024-12-25
  5. flare-vm

    A collection of software installations scripts for Windows systems that allows you to easily setup and maintain a reverse engineering environment on a VM.

  6. pyWhat

    🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

    Project mention: pyWhat VS binwalk - a user suggested alternative | libhunt.com/r/pyWhat | 2024-07-19
  7. capa

    The FLARE team's open-source tool to identify capabilities in executable files.

  8. IntelOwl

    IntelOwl: manage your Threat Intelligence at scale

  10. flare-floss

    FLARE Obfuscated String Solver - Automatically extract obfuscated strings from malware.

  11. malwoverview

    Malwoverview is a first response tool used for threat hunting and offers intel information from Virus Total, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, InQuest, VxExchange and IPInfo, and it is also able to scan Android devices against VT.

  12. oletools

    oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

    Project mention: Paper sospechoso - CTF - PWNEDCR0x7 | dev.to | 2024-11-10
  13. CAPEv2

    Malware Configuration And Payload Extraction

  14. flare-fakenet-ng

    FakeNet-NG - Next Generation Dynamic Network Analysis Tool

  15. yarGen

    yarGen is a generator for YARA rules

  16. unlicense

    Dynamic unpacker and import fixer for Themida/WinLicense 2.x and 3.x.

  17. drakvuf-sandbox

    DRAKVUF Sandbox - automated hypervisor-level malware analysis system

  18. ViperMonkey

    A VBA parser and emulation engine to analyze malicious macros.

  19. malboxes

    Builds malware analysis Windows VMs so that you don't have to.

  20. honeypots

    30 different honeypots in one package! (dhcp, dns, elastic, ftp, http proxy, https proxy, http, https, imap, ipp, irc, ldap, memcache, mssql, mysql, ntp, oracle, pjl, pop3, postgres, rdp, redis, sip, smb, smtp, snmp, socks5, ssh, telnet, vnc)

  21. antivmdetection

    Script to create templates to use with VirtualBox to make vm detection harder

  22. refinery

    High Octane Triage Analysis (by binref)

  23. packj

    Packj stops ⚡ Solarwinds-, ESLint-, and PyTorch-like attacks by flagging malicious/vulnerable open-source dependencies ("weak links") in your software supply-chain

    Project mention: A Study of Malware Prevention in Linux Distributions | news.ycombinator.com | 2024-11-21

    Good to see Packj[1] as one of the malware scanners used.

    1. https://github.com/ossillate-inc/packj

    Packj detects malicious PyPI/NPM/Ruby/PHP/etc. dependencies using behavioral analysis. It uses static+dynamic code analysis to scan for indicators of compromise (e.g., spawning of shell, use of SSH keys, network communication, use of decode+eval, etc). It also checks for several metadata attributes to detect bad actors (e.g., typo squatting).

  24. karton

    Distributed malware processing framework based on Python, Redis and S3.

  25. IATelligence

    IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&CK matrix related

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020).

Python malware-analysis related posts

  • Malware Analysis: CryptoLocker

    1 project | dev.to | 29 Dec 2024
  • Paper sospechoso - CTF - PWNEDCR0x7

    1 project | dev.to | 10 Nov 2024
  • TheZoo a.k.a. Malware DB

    1 project | news.ycombinator.com | 18 Aug 2023
  • Tools to demonstrate malware or ransomware infected PC

    1 project | /r/cybersecurity | 20 Jul 2023
  • Advices for an automated malware analysis lab project

    3 projects | /r/Malware | 11 Jul 2023
  • Worms for practice

    1 project | /r/hacking | 28 Jun 2023
  • N00bs Night Malware RE Workshop with @c3rb3ru5d3d53c (OALABS)

    5 projects | /r/Malware | 11 Jun 2023

Index

What are some of the best open-source malware-analysis projects in Python? This list will help you:

# Project Stars
1 theZoo 11,841
2 pwndbg 8,637
3 gef 7,504
4 flare-vm 7,294
5 pyWhat 6,866
6 capa 5,310
7 IntelOwl 4,123
8 flare-floss 3,534
9 malwoverview 3,195
10 oletools 3,065
11 CAPEv2 2,425
12 flare-fakenet-ng 1,918
13 yarGen 1,643
14 unlicense 1,140
15 drakvuf-sandbox 1,139
16 ViperMonkey 1,092
17 malboxes 1,040
18 honeypots 786
19 antivmdetection 742
20 refinery 725
21 packj 662
22 karton 426
23 IATelligence 358
