Python malware-research

Open-source Python projects categorized as malware-research

Top 21 Python malware-research Projects

  • theZoo

    A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.

    Project mention: TheZoo a.k.a. Malware DB | news.ycombinator.com | 2023-08-18
  • pyWhat

    🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

    Project mention: Go Library like PyWhat? | /r/golang | 2022-10-20

    Is there a library written in Go similar to PyWhat? I want to use a subset of the functionality for a simple go program I'm writing. I could just call PyWhat, link to lemmeknow, or even write a simple go implementation myself, but I wanted to ask if there was a pure go implementation. Thanks!

  • CAPEv2

    Malware Configuration And Payload Extraction

  • yarGen

    yarGen is a generator for YARA rules

  • malboxes

    Builds malware analysis Windows VMs so that you don't have to.

  • drakvuf-sandbox

    DRAKVUF Sandbox - automated hypervisor-level malware analysis system

  • ThreatIngestor

    Extract and aggregate threat intelligence.

  • iocextract

    Defanged Indicator of Compromise (IOC) Extractor.

    Project mention: DataSurgeon: Quickly Extracts IP's, Email Addresses, Hashes, Files, URLs, Phone numbers and more from text | /r/programming | 2023-03-03

    Similar tool, but more established and tailored specifically for threat hunting: https://github.com/InQuest/python-iocextract

  • karton

    Distributed malware processing framework based on Python, Redis and S3.

    Project mention: Advice for an automated malware analysis lab project | /r/Malware | 2023-07-11
  • mwdb-core

    Malware repository component for samples & static configuration with REST API interface.

    Project mention: Advice for an automated malware analysis lab project | /r/Malware | 2023-07-11
  • malware-ioc

    This repository contains indicators of compromise (IOCs) of our various investigations. (by prodaft)

    Project mention: PTI-257 Group Indicators of Compromise (IOCs) - PTI-257 consists of former Wizard Spider actors who are publicly known for the various malware variants they use (Ryuk, Trickbot, and Conti, among others) | /r/blueteamsec | 2023-09-14
  • pyc2bytecode

    A Python bytecode disassembler that helps reverse engineers dissect Python binaries by disassembling and analyzing compiled Python bytecode (.pyc) files across all Python versions (including Python 3.10.*)
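
    What such a tool does in the first minutes of triage is parse the .pyc header, recover the code object, and walk its nested code objects for function names, string constants and opcodes. The block below is an added example for this page, not pyc2bytecode's code. It deliberately uses only the standard library, which means it can only disassemble .pyc files produced by the interpreter that runs it: `marshal` is version-specific, so a magic mismatch is reported rather than parsed (the cross-version part is exactly what a dedicated tool adds). The "suspect" script, the temporary-file compilation step and the function names are constructed for illustration; the header layout follows PEP 552 (Python 3.7+).

```python
import dis
import importlib.util
import marshal
import os
import py_compile
import struct
import tempfile
from typing import Dict, Iterator, List

# Constructed "suspect" script standing in for a module pulled out of a
# PyInstaller/py2exe bundle. It is only compiled, never executed.
SUSPECT_SOURCE = '''
KEY = 0x5A
C2 = "hxxp://c2[.]example/gate"

def decode(blob):
    return bytes(b ^ KEY for b in blob)
'''


def compile_to_pyc(source: str, directory: str) -> str:
    """Write the source to disk and compile it with the running interpreter."""
    src = os.path.join(directory, "suspect.py")
    with open(src, "w") as f:
        f.write(source)
    pyc = os.path.join(directory, "suspect.pyc")
    py_compile.compile(src, cfile=pyc, doraise=True)
    return pyc


def parse_pyc_header(data: bytes) -> Dict[str, object]:
    """PEP 552 header: 4-byte magic, 4-byte flags, then mtime+size or a source hash."""
    magic = data[:4]
    flags = struct.unpack("<I", data[4:8])[0]
    info: Dict[str, object] = {
        "magic_word": struct.unpack("<H", magic[:2])[0],   # e.g. 3495 for CPython 3.11
        "matches_interpreter": magic == importlib.util.MAGIC_NUMBER,
        "hash_based": bool(flags & 1),
        "check_source": bool(flags & 2),
    }
    if flags & 1:
        info["source_hash"] = data[8:16].hex()
    else:
        info["mtime"], info["source_size"] = struct.unpack("<II", data[8:16])
    return info


def walk_code(code) -> Iterator:
    """Yield a code object and, recursively, every code object in its constants."""
    yield code
    for const in code.co_consts:
        if hasattr(const, "co_code"):
            yield from walk_code(const)


def triage_pyc(path: str) -> Dict[str, object]:
    with open(path, "rb") as f:
        data = f.read()
    header = parse_pyc_header(data)
    if not header["matches_interpreter"]:
        raise ValueError(
            f"pyc magic {header['magic_word']} was not produced by this interpreter; "
            "use a cross-version disassembler"
        )
    top = marshal.loads(data[16:])          # marshal format is interpreter-specific
    codes = list(walk_code(top))
    strings: List[object] = [
        c for code in codes for c in code.co_consts if isinstance(c, (str, bytes))
    ]
    opnames = sorted({ins.opname for code in codes for ins in dis.get_instructions(code)})
    return {
        "header": header,
        "functions": [code.co_name for code in codes],
        "strings": strings,
        "opnames": opnames,
    }


def triage_constructed_sample() -> Dict[str, object]:
    """Compile SUSPECT_SOURCE to a temporary .pyc and triage it."""
    with tempfile.TemporaryDirectory() as d:
        return triage_pyc(compile_to_pyc(SUSPECT_SOURCE, d))


if __name__ == "__main__":
    result = triage_constructed_sample()
    print(result["header"])
    print("code objects:", result["functions"])
    print("string constants:", result["strings"])
    print("opcodes used:", result["opnames"])
```

    The string-constant walk is the part worth keeping: a defanged-looking URL or a single-byte XOR key in `co_consts` is usually visible before anyone reads a line of bytecode. Note that the header check uses `importlib.util.MAGIC_NUMBER` of the running interpreter only; a bundle compiled with another CPython release will stop at the `ValueError`.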

  • pyhidra

    Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.

    Project mention: Python script which uses Ghidra doesn't recognize imports | /r/ghidra | 2023-06-11

    I have Pyhidra installed, and I've followed the raw usage example on the GitHub page (https://github.com/dod-cyber-crime-center/pyhidra); however, my script doesn't recognize the libraries. What's going wrong?

  • teleRAT

    Telegram RAT written in Python

  • peid

    Python implementation of the Packed Executable iDentifier (PEiD)

  • aurora

    Malware similarity platform with modularity in mind. (by W3ndige)

  • docker-packing-box

    Docker image gathering packers and tools for making datasets of packed executables and training machine learning models for packing detection

  • bintropy

    Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes
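
    The estimate rests on Shannon entropy: native code and strings sit well below 8 bits per byte, while ciphertext and compressed streams sit close to it, so scoring fixed-size windows and reporting the fraction above a threshold gives a likelihood that a file carries a packed or encrypted region. The block below is an added example for this page, not bintropy's code; the window size, threshold and decision rule are illustrative choices, and the inputs are constructed (a repeated assembly-like stub for "plain" data, a seeded PRNG standing in for an encrypted section so the run is reproducible offline).

```python
import math
import random
from typing import List


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for a constant run, 8.0 for a
    perfectly uniform byte distribution."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts if c)


def window_entropies(data: bytes, window: int = 1024) -> List[float]:
    """Entropy of each complete, non-overlapping window (a short tail is ignored).
    1024 bytes keeps the small-sample bias low; 256-byte windows of truly random
    data already read ~0.7 bit too low and would need a lower threshold."""
    return [shannon_entropy(data[i:i + window])
            for i in range(0, len(data) - window + 1, window)]


def high_entropy_ratio(data: bytes, window: int = 1024, threshold: float = 7.0) -> float:
    """Fraction of windows above the threshold: the packed/encrypted likelihood."""
    ents = window_entropies(data, window)
    if not ents:
        return 0.0
    return sum(1 for e in ents if e > threshold) / len(ents)


def looks_packed(data: bytes, min_ratio: float = 0.5, **kw) -> bool:
    """Illustrative decision rule: flag when at least half the windows are hot."""
    return high_entropy_ratio(data, **kw) >= min_ratio


# Constructed inputs. Real x86 code and strings land around 4-6.5 bits/byte;
# a ciphertext or deflate stream is close to 8. The seeded PRNG stands in for
# an encrypted section (AES-CTR output is statistically indistinguishable).
_rng = random.Random(2024)
PLAIN_LIKE = (b"push ebp; mov ebp, esp; sub esp, 0x40; call sub_401000; leave; ret\n" * 128)[:8192]
ENCRYPTED_LIKE = bytes(_rng.getrandbits(8) for _ in range(8192))
MIXED = PLAIN_LIKE[:2048] + ENCRYPTED_LIKE[:6144]   # small unpacking stub + packed payload


if __name__ == "__main__":
    for name, blob in (("plain", PLAIN_LIKE), ("encrypted", ENCRYPTED_LIKE), ("mixed", MIXED)):
        print(f"{name:10s} whole-file={shannon_entropy(blob):.2f} bits/byte "
              f"ratio={high_entropy_ratio(blob):.2f} packed={looks_packed(blob)}")
```

    Two caveats a practitioner would apply before trusting the score. First, whole-file entropy hides a packed section behind a large plain one (the MIXED sample above is exactly that case, which is why the windowed ratio is used). Second, high entropy is not proof of packing: embedded images, fonts, certificates and legitimately compressed resources all score near 8, so the estimate is a triage signal to pair with section names, import-table size and signature-based detectors, not a verdict.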

  • ATLAS

    ATLAS - Malware Analysis Description (by MALWARE-ATLAS)

  • pypackerdetect

    Packing detection tool for PE files

  • ace-firefist

    Attack chain emulator. Write recipes for initial access easily

    Project mention: Initial access simulation tests | /r/redteamsec | 2023-03-24

    To test initial access with file execution can try something like https://github.com/dobin/ace-firefist

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020). The latest post mention was on 2023-09-14.

Index

What are some of the best open-source malware-research projects in Python? This list will help you:

Rank Project Stars
1 theZoo 10,080
2 pyWhat 6,075
3 CAPEv2 1,358
4 yarGen 1,332
5 malboxes 1,008
6 drakvuf-sandbox 866
7 ThreatIngestor 719
8 iocextract 447
9 karton 344
10 mwdb-core 272
11 malware-ioc 151
12 pyc2bytecode 115
13 pyhidra 106
14 teleRAT 103
15 peid 88
16 aurora 74
17 docker-packing-box 36
18 bintropy 32
19 ATLAS 19
20 pypackerdetect 16
21 ace-firefist 14