Top 23 Python malware-research Projects
-
theZoo
A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
Project mention: Cyber Scarecrow, making your computer look 'scary' to malware | news.ycombinator.com | 2024-06-18
-
pyWhat
🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
Project mention: pyWhat VS binwalk - a user suggested alternative | libhunt.com/r/pyWhat | 2024-07-19
-
Fake-Sandbox-Artifacts
This script allows you to create various artifacts on a bare-metal Windows computer in an attempt to trick malware that looks for VM or analysis tools
Project mention: Cyber Scarecrow, making your computer look 'scary' to malware | news.ycombinator.com | 2024-06-18
I’m sure it’s closed source for the eventual plans to monetize it, but what’s the real difference to something like https://github.com/NavyTitanium/Fake-Sandbox-Artifacts and why can’t you at least name yourselves?
Not much software promises to fend off attackers, asks for an email address before download, and creates a bunch of processes using a closed source dll the existence of which can easily be checked.
Then again, not much malware targeting consumers at random checks for security software. You are more likely to see malware stop working if you fake the amount of RAM and CPU and your network driver vendor than if you have CrowdStrike, etc. running.
-
malware-ioc
This repository contains indicators of compromise (IOCs) of our various investigations. (by prodaft)
-
pyhidra
Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.
-
pyc2bytecode
A Python bytecode disassembler helping reverse engineers in dissecting Python binaries by disassembling and analyzing the compiled Python bytecode (.pyc) files across all Python versions (including Python 3.10.*)
-
docker-packing-box
Docker image gathering packers and tools for making datasets of packed executables and training machine learning models for packing detection
-
bintropy
Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes
Python malware-research discussion
Python malware-research related posts
-
Cyber Scarecrow, making your computer look 'scary' to malware
-
PTI-257 Group Indicators of Compromise (IOCs) - PTI-257 consists of former Wizard Spider actors who are publicly known for the various malware variants they use (Ryuk, Trickbot, and Conti, among others)
-
TheZoo a.k.a. Malware DB
-
Tools to demonstrate malware or ransomware infected PC
-
Worms for practice
-
Python script which uses Ghidra doesn't recognize imports
-
Decryptor for PlutoCrypt Ransomware
Index
What are some of the best open-source malware-research projects in Python? This list will help you:
# | Project | Stars |
---|---|---|
1 | theZoo | 11,386 |
2 | pyWhat | 6,581 |
3 | CAPEv2 | 2,035 |
4 | yarGen | 1,559 |
5 | drakvuf-sandbox | 1,072 |
6 | malboxes | 1,030 |
7 | ThreatIngestor | 834 |
8 | iocextract | 513 |
9 | karton | 395 |
10 | mwdb-core | 328 |
11 | Fake-Sandbox-Artifacts | 250 |
12 | malware-ioc | 209 |
13 | pyhidra | 187 |
14 | pyc2bytecode | 133 |
15 | peid | 130 |
16 | teleRAT | 109 |
17 | Configuration_extractors | 54 |
18 | docker-packing-box | 49 |
19 | machofile | 48 |
20 | bintropy | 43 |
21 | IDAPython | 28 |
22 | pypackerdetect | 21 |
23 | ace-firefist | 19 |