Top 23 Python malware-research Projects

• theZoo

  64 10,688 2.8 Python

  A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

Project mention: TheZoo a.k.a. Malware DB | news.ycombinator.com | 2023-08-18

• pyWhat

  16 6,352 0.0 Python

  🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

• WorkOS

  workos.com sponsored

  The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

  

• CAPEv2

  5 1,650 9.9 Python

  Malware Configuration And Payload Extraction

• yarGen

  1 1,447 5.5 Python

  yarGen is a generator for YARA rules

• malboxes

  1 1,011 1.8 Python

  Builds malware analysis Windows VMs so that you don't have to.

  

• drakvuf-sandbox

  2 983 8.4 Python

  DRAKVUF Sandbox - automated hypervisor-level malware analysis system

  

• ThreatIngestor

  1 781 7.6 Python

  Extract and aggregate threat intelligence.

  

• InfluxDB

  www.influxdata.com sponsored

  Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

  

• iocextract

  1 485 5.4 Python

  Defanged Indicator of Compromise (IOC) Extractor.

  

• karton

  2 366 7.0 Python

  Distributed malware processing framework based on Python, Redis and S3.

  

Project mention: Advices for an automated malware analysis lab project | /r/Malware | 2023-07-11

• mwdb-core

  1 292 8.5 Python

  Malware repository component for samples & static configuration with REST API interface.

  

Project mention: Advices for an automated malware analysis lab project | /r/Malware | 2023-07-11

• malware-ioc

  8 196 6.7 Python

  This repository contains indicators of compromise (IOCs) of our various investigations. (by prodaft)

  

Project mention: PTI-257 Group Indicators of Compromise (IOCs) - PTI-257 consists of former Wizard Spider actors who are publicly known for the various malware variants they use (Ryuk, Trickbot, and Conti, among others) | /r/blueteamsec | 2023-09-14

• pyhidra

  2 141 6.6 Python

  Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.

  

Project mention: Python script which uses Ghidra doesn't recognize imports | /r/ghidra | 2023-06-11

I have Pyhidra installed, and I've followed the raw usage example on the GitHub page (https://github.com/dod-cyber-crime-center/pyhidra), However, my script doesn't recognize the libraries. What's going wrong?

• pyc2bytecode

  1 127 0.0 Python

  A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)

• peid

  1 117 5.0 Python

  Python implementation of the Packed Executable iDentifier (PEiD)

  

• teleRAT

  6 109 0.0 Python

  Telegram RAT written in Python

• aurora

  1 74 0.0 Python

  Malware similarity platform with modularity in mind. (by W3ndige)

• Configuration_extractors

  1 45 7.7 Python

  Configuration Extractors for Malware

• machofile

  1 43 6.7 Python

  machofile is a module to parse Mach-O binary files

Project mention: machofile: machofile is a module to parse Mach-O binary files | /r/blueteamsec | 2023-10-13

• docker-packing-box

  1 42 9.4 Python

  Docker image gathering packers and tools for making datasets of packed executables and training machine learning models for packing detection

  

• bintropy

  1 38 6.7 Python

  Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes

  

• IDAPython

  1 22 6.1 Python

  IDA Python scripts

• pypackerdetect

  1 19 4.2 Python

  Packing detection tool for PE files

  

• ATLAS

  1 19 3.0 Python

  ATLAS - Malware Analysis Description (by MALWARE-ATLAS)

  

• SaaSHub

  www.saashub.com sponsored

  SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives

  

Python malware-research related posts

• PTI-257 Group Indicators of Compromise (IOCs) - PTI-257 consists of former Wizard Spider actors who are publicly known for the various malware variants they use (Ryuk, Trickbot, and Conti, among others)
  1 project | /r/blueteamsec | 14 Sep 2023
• TheZoo a.k.a. Malware DB
  1 project | news.ycombinator.com | 18 Aug 2023
• Tools to demonstrate malware or ransomware infected PC
  1 project | /r/cybersecurity | 20 Jul 2023
• Worms for practice
  1 project | /r/hacking | 28 Jun 2023
• Python script which uses Ghidra doesn't recognize imports
  1 project | /r/ghidra | 11 Jun 2023
• Decryptor for PlutoCrypt Ransomware
  1 project | /r/blueteamsec | 26 May 2023
• Diablo I/II/III/IV/Immortal Class Randomizer
  2 projects | /r/diablo4 | 19 May 2023
• A note from our sponsor - SaaSHub
  www.saashub.com | 25 Apr 2024

  SaaSHub helps you find the best software and product alternatives Learn more →

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com

Do not miss the trending Python projects with our weekly report!