PyRank
  • Insights
  • PyPI
  • GitHub
  • Search
  • Compare
  • Advisories
  • Ecosystem
  • About

Malware Python Packages

Python packages with the GitHub topic malware. Sorted by relevance, with stars and monthly downloads.
ioc-fang
ioc-fanger

Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .

96K 67 12
volatilityfoundation
volatility3

Volatility 3.0 development

79K 4K 670
dmachard
blocklist-aggregator

Domains blocklist aggregator - Create your own list from several sources.

42K 14 3
delvinru
apk-info

APK full-featured parser

23K 131 15
owasp-dep-scan
blint

blint is a Binary Linter that checks the security properties and capabilities of your executables. It can also generate a Software Bill-of-Materials (SBOM) for supported binaries.

15K 448 47
dbrennand
virustotal-python

A Python library to interact with the public VirusTotal v3 and v2 APIs.

12K 75 17
wordfence
wordfence

Wordfence malware and vulnerability scanner command line utility.

10K 155 32
malwaredb
malwaredb

MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery

9K 59 7
nazywam
autoit-ripper

Extract AutoIt scripts embedded in PE binaries

8K 241 42
alexandreborges
malwoverview

Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, IPInfo, Shodan, AbuseIPDB, GreyNoise, URLScan.io, Whois/RDAP, NIST, and VulnCheck. Supports LLM enrichment, IOC extraction, YARA scanning, and Android analysis.

6K 4K 529
elastic
die-python

Native Python3 bindings for @horsicq's Detect-It-Easy

5K 87 6
Squiblydoo
debloat

A GUI and CLI tool for removing bloat from executables

5K 453 37
bee-san
pywhat

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

4K 7K 388
certtools
intelmq

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

3K 1K 317
michelcrypt4d4mus
yaralyzer

Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.

3K 150 15
3c7
malwarebazaar

Python based CLI for MalwareBazaar

2K 39 5
TrustSource
ts-deepscan

Repository scanner for identification of licenses, copyrights and encryption

2K 3 3
ogre2007
yarobot

Simple YARA rules generator with web interface, API, and cli

2K 3 0
schirrmacher
malwi

malwi - AI Python Malware Scanner

1K 6 1
JPCERTCC
pyimpfuzzy

Fuzzy Hash calculated from import API of PE files

1K 90 18
seifreed
iocparser-tool

IOCParser extracts Indicators of Compromise from reports, feeds, URLs, stdin, and directory trees. It supports refanging, MISP warning-list enrichment, structured renderers, persisted run history, IOC search, run diffs, and queue-backed distributed processing.

919 18 4
wifiphisher
wifiphisher

The Rogue Access Point Framework

812 15K 3K
seanthegeek
yara-mail

A Python package and command line utility for scanning emails with YARA rules

790 23 5
mrexodia
dumpulator

An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).

775 868 51
    • Data from PyPI, GitHub, ClickHouse, and BigQuery