Malware Research Python Packages

iocextract

Defanged Indicator of Compromise (IOC) Extractor.

64K 576 92

ioc-fanger

Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .

60K 68 10

ioc-finder

Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other, security related information) from text. It uses grammars rather than regexes which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/

37K 180 44

pyhidra

Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.

19K 208 22

apkid

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

16K 2K 338

karton-core

Distributed malware processing framework based on Python, Redis and S3.

9K 470 52

malwaredb

MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery

7K 57 7

die-python

Native Python3 bindings for @horsicq's Detect-It-Easy

7K 85 5

pywhat

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

4K 7K 388

threatingestor

Extract and aggregate threat intelligence.

3K 913 135

VirusTotal Full api

3K 307 86

bintropy

Analysis tool for estimating the likelihood that a binary contains compressed or encrypted bytes

1K 49 4

peid

Python implementation of the Packed Executable iDentifier (PEiD)

1K 144 15

karton-classifier

File type classifier for the Karton framework.

1K 8 12

mwdb-core

MWDB Core malware database

1K 383 74

malware-atlas

ATLAS - Malware Analysis Description

847 21 3

reminder-detector

Implementation of the packing detection heuristic from the paper "Packed PE File Detection for Malware Forensics" of Han et al.

822 2 0

pypackerdetect

Packing detection tool for PE files

807 28 4

python-see

Sandboxed Execution Environment

749 821 94

dumpulator

An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).

586 860 50

karton-archive-extractor

Extractor of various archive formats for Karton framework

391 5 6

visualize-logs

A Python library and command line tools to provide interactive log visualization.

369 145 31

karton-dashboard

A small Flask application that allows for Karton task and queue introspection.

297 7 7

karton-config-extractor

Static configuration extractor for the Karton framework

266 10 6

Search Packages