PyPI Stats

Malware Analysis Python Packages

Python packages with the GitHub topic malware-analysis. Sorted by relevance, with stars and monthly downloads.
decalage2
oletools

oletools - python tools to analyze MS OLE2 files (Structured Storage, Compound File Binary Format) and MS Office documents, for malware analysis, forensics and debugging.

3.5M 3K 601
lief-project
lief

LIEF - Library to Instrument Executable Formats (C++, Python, Rust)

1.8M 5K 726
CybercentreCanada
assemblyline-ui

Web interface and APIs for Assemblyline 4

244K 21 27
CybercentreCanada
assemblyline-service-client

Service client that interfaces with the API to fetch tasks and publish the result for a service in Assemblyline 4

204K 3 7
CybercentreCanada
assemblyline-service-server

Service tasking and result publishing API for Assemblyline 4

173K 7 4
CybercentreCanada
assemblyline-core

Core server components for Assemblyline 4 (Alerter, dispatcher, expiry, ingester, scaler, updater, ...)

156K 21 18
CybercentreCanada
assemblyline

Base components for Assemblyline 4 (Datastore, ODM, Filestore, Remote Datatypes, utils function, etc...)

146K 71 41
williballenthin
python-flirt

Intel x86(-64) code analysis library that reconstructs control flow

115K 110 13
binref
binary-refinery

High Octane Triage Analysis

111K 842 80
mandiant
flare-capa

The FLARE team's open-source tool to identify capabilities in executable files.

77K 6K 698
CybercentreCanada
assemblyline-v4-service

Base service class from Assemblyline 4

71K 15 13
fhightower
ioc-finder

Simple, effective, and modular package for parsing observables (indicators of compromise (IOCs), network data, and other security-related information) from text. It uses grammars rather than regexes, which makes it more readable, maintainable, and hackable. Explore our interactive documentation here: https://hightower.space/ioc-finder/

38K 180 44
DissectMalware
pyonenote

A python library to parse OneNote (.one) files

30K 153 24
mandiant
speakeasy-emulator

Windows kernel and user mode emulation.

30K 2K 283
DissectMalware
xlmmacrodeobfuscator

Extract and Deobfuscate XLM macros (a.k.a Excel 4.0 Macros)

21K 587 120
anyrun
anyrun-sdk

Simplify integration with ANY.RUN REST API services

20K 12 4
Defense-Cyber-Crime-Center
pyhidra

Pyhidra is a Python library that provides direct access to the Ghidra API within a native CPython interpreter using jpype.

19K 208 22
rednaga
apkid

Android Application Identifier for Packers, Protectors, Obfuscators and Oddities - PEiD for Android

16K 2K 338
quark-engine
quark-engine

An Obfuscation-Neglect Android Malware Scoring System

14K 2K 201
williballenthin
python-lancelot

Intel x86(-64) code analysis library that reconstructs control flow

10K 110 13
icicle-emu
icicle-emu

Python bindings for the Icicle emulator.

10K 41 5
CERT-Polska
karton-core

Distributed malware processing framework based on Python, Redis and S3.

9K 470 52
CybercentreCanada
assemblyline-client

Python client for Assemblyline 3 and 4

9K 23 14
malwaredb
malwaredb

MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery

7K 57 7
    • Data from PyPI, GitHub, ClickHouse, and BigQuery