Managing outdated pull requests is time-consuming. Mergify's Merge Queue automates your pull request management & merging. It's fully integrated to GitHub & coordinated with any CI. Start focusing on code. Try Mergify for free. Learn more →
Top 21 Python malware-research Projects
-
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
-
pyWhat
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
Is there a library written in Go similar to PyWhat? I want to use a subset of the functionality for a simple go program I'm writing. I could just call PyWhat, link to lemmeknow, or even write a simple go implementation myself, but I wanted to ask if there was a pure go implementation. Thanks!
-
Sonar
Write Clean Python Code. Always.. Sonar helps you commit clean code every time. With over 225 unique rules to find Python bugs, code smells & vulnerabilities, Sonar finds the issues while you focus on the work.
-
-
-
-
-
-
InfluxDB
Collect and Analyze Billions of Data Points in Real Time. Manage all types of time series data in a single, purpose-built database. Run at any scale in any environment in the cloud, on-premises, or at the edge.
-
Project mention: DataSurgeon: Quickly Extracts IP's, Email Addresses, Hashes, Files, URLs, Phone numbers and more from text | /r/programming | 2023-03-03
Similar tool, but more estabilished and tailored specifically for threat hunting: https://github.com/InQuest/python-iocextract
-
-
-
malware-ioc
This repository contains indicators of compromise (IOCs) of our various investigations. (by prodaft)
Project mention: PTI-257 Group Indicators of Compromise (IOCs) - PTI-257 consists of former Wizard Spider actors who are publicly known for the various malware variants they use (Ryuk, Trickbot, and Conti, among others) | /r/blueteamsec | 2023-09-14 -
pyc2bytecode
A Python Bytecode Disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled python byte-code(.pyc) files across all python versions (including Python 3.10.*)
-
pyhidra
Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.
I have Pyhidra installed, and I've followed the raw usage example on the GitHub page (https://github.com/dod-cyber-crime-center/pyhidra), However, my script doesn't recognize the libraries. What's going wrong?
-
-
-
-
docker-packing-box
Docker image gathering packers and tools for making datasets of packed executables and training machine learning models for packing detection
-
bintropy
Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes
-
-
-
To test initial access with file execution can try something like https://github.com/dobin/ace-firefist
-
Mergify
Tired of breaking your main and manually rebasing outdated pull requests?. Managing outdated pull requests is time-consuming. Mergify's Merge Queue automates your pull request management & merging. It's fully integrated to GitHub & coordinated with any CI. Start focusing on code. Try Mergify for free.
NOTE:
The open source projects on this list are ordered by number of github stars.
The number of mentions indicates repo mentiontions in the last 12 Months or
since we started tracking (Dec 2020).
The latest post mention was on 2023-09-14.
Python malware-research related posts
- PTI-257 Group Indicators of Compromise (IOCs) - PTI-257 consists of former Wizard Spider actors who are publicly known for the various malware variants they use (Ryuk, Trickbot, and Conti, among others)
- TheZoo a.k.a. Malware DB
- Tools to demonstrate malware or ransomware infected PC
- Worms for practice
- Python script which uses Ghidra doesn't recognize imports
- Decryptor for PlutoCrypt Ransomware
- Diablo I/II/III/IV/Immortal Class Randomizer
-
A note from our sponsor - Mergify
blog.mergify.com | 23 Sep 2023
Index
What are some of the best open-source malware-research projects in Python? This list will help you:
| Project | Stars | |
|---|---|---|
| 1 | theZoo | 10,080 |
| 2 | pyWhat | 6,075 |
| 3 | CAPEv2 | 1,358 |
| 4 | yarGen | 1,332 |
| 5 | malboxes | 1,008 |
| 6 | drakvuf-sandbox | 866 |
| 7 | ThreatIngestor | 719 |
| 8 | iocextract | 447 |
| 9 | karton | 344 |
| 10 | mwdb-core | 272 |
| 11 | malware-ioc | 151 |
| 12 | pyc2bytecode | 115 |
| 13 | pyhidra | 106 |
| 14 | teleRAT | 103 |
| 15 | peid | 88 |
| 16 | aurora | 74 |
| 17 | docker-packing-box | 36 |
| 18 | bintropy | 32 |
| 19 | ATLAS | 19 |
| 20 | pypackerdetect | 16 |
| 21 | ace-firefist | 14 |
Tired of breaking your main and manually rebasing outdated pull requests?
Managing outdated pull requests is time-consuming. Mergify's Merge Queue automates your pull request management & merging. It's fully integrated to GitHub & coordinated with any CI. Start focusing on code. Try Mergify for free.
blog.mergify.com