Top 21 Python malware-research Projects
- theZoo
A repository of LIVE malware for your own joy and pleasure. theZoo is a project created to make malware analysis open and available to the public.
- pyWhat
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️
Is there a library written in Go similar to PyWhat? I want to use a subset of the functionality for a simple go program I'm writing. I could just call PyWhat, link to lemmeknow, or even write a simple go implementation myself, but I wanted to ask if there was a pure go implementation. Thanks!
Project mention: DataSurgeon: Quickly Extracts IP's, Email Addresses, Hashes, Files, URLs, Phone numbers and more from text | /r/programming | 2023-03-03
Similar tool, but more established and tailored specifically for threat hunting: https://github.com/InQuest/python-iocextract
- malware-ioc
This repository contains indicators of compromise (IOCs) of our various investigations. (by prodaft)
Project mention: PTI-257 Group Indicators of Compromise (IOCs) - PTI-257 consists of former Wizard Spider actors who are publicly known for the various malware variants they use (Ryuk, Trickbot, and Conti, among others) | /r/blueteamsec | 2023-09-14
- pyc2bytecode
A Python bytecode disassembler that helps reverse engineers dissect Python binaries by disassembling and analyzing compiled Python bytecode (.pyc) files across all Python versions (including Python 3.10.*)
- pyhidra
Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.
I have Pyhidra installed, and I've followed the raw usage example on the GitHub page (https://github.com/dod-cyber-crime-center/pyhidra); however, my script doesn't recognize the libraries. What's going wrong?
- docker-packing-box
Docker image gathering packers and tools for making datasets of packed executables and training machine learning models for packing detection
- bintropy
Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes
To test initial access with file execution, you can try something like https://github.com/dobin/ace-firefist
Python malware-research related posts
- PTI-257 Group Indicators of Compromise (IOCs) - PTI-257 consists of former Wizard Spider actors who are publicly known for the various malware variants they use (Ryuk, Trickbot, and Conti, among others)
- TheZoo a.k.a. Malware DB
- Tools to demonstrate malware or ransomware infected PC
- Worms for practice
- Python script which uses Ghidra doesn't recognize imports
- Decryptor for PlutoCrypt Ransomware
- Diablo I/II/III/IV/Immortal Class Randomizer
A note from our sponsor - Mergify
blog.mergify.com | 23 Sep 2023
Index
What are some of the best open-source malware-research projects in Python? This list will help you:
# | Project | Stars
---|---|---
1 | theZoo | 10,080
2 | pyWhat | 6,075
3 | CAPEv2 | 1,358
4 | yarGen | 1,332
5 | malboxes | 1,008
6 | drakvuf-sandbox | 866
7 | ThreatIngestor | 719
8 | iocextract | 447
9 | karton | 344
10 | mwdb-core | 272
11 | malware-ioc | 151
12 | pyc2bytecode | 115
13 | pyhidra | 106
14 | teleRAT | 103
15 | peid | 88
16 | aurora | 74
17 | docker-packing-box | 36
18 | bintropy | 32
19 | ATLAS | 19
20 | pypackerdetect | 16
21 | ace-firefist | 14