PyRank

Malware Python Packages

Python packages with the GitHub topic malware. Sorted by relevance, with stars and monthly downloads.
ioc-fang
ioc-fanger

Fang and defang indicators of compromise. You can test this project in a GUI here: http://ioc-fanger.hightower.space .

67K 69 11
volatilityfoundation
volatility3

Volatility 3.0 development

67K 4K 653
dmachard
blocklist-aggregator

Domains blocklist aggregator - Create your own list from several sources.

47K 14 3
delvinru
apk-info

APK full-featured parser

24K 122 14
owasp-dep-scan
blint

blint is a Binary Linter that checks the security properties and capabilities of your executables. It can also generate a Software Bill-of-Materials (SBOM) for supported binaries.

16K 448 46
nazywam
autoit-ripper

Extract AutoIt scripts embedded in PE binaries

8K 240 42
wordfence
wordfence

Wordfence malware and vulnerability scanner command line utility.

7K 151 31
dbrennand
virustotal-python

A Python library to interact with the public VirusTotal v3 and v2 APIs.

6K 75 17
elastic
die-python

Native Python3 bindings for @horsicq's Detect-It-Easy

5K 87 5
malwaredb
malwaredb

MalwareDB: bookkeeping for malware, goodware, and unknown files with relationship discovery

5K 57 7
Squiblydoo
debloat

A GUI and CLI tool for removing bloat from executables

5K 448 37
bee-san
pywhat

🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙‍♀️

4K 7K 388
alexandreborges
malwoverview

Malwoverview is a first response tool for threat hunting across VirusTotal, Hybrid Analysis, URLHaus, Polyswarm, Malshare, Alien Vault, Malpedia, Malware Bazaar, ThreatFox, Triage, IPInfo, Shodan, AbuseIPDB, GreyNoise, URLScan.io, Whois/RDAP, NIST, and VulnCheck. Supports LLM enrichment, IOC extraction, YARA scanning, and Android analysis.

4K 4K 528
michelcrypt4d4mus
yaralyzer

Visually inspect and force decode YARA and regex matches found in both binary and text data with colors. Lots of colors.

3K 148 15
TrustSource
ts-deepscan

Repository scanner for the identification of effective licenses and copyright information.

2K 3 3
certtools
intelmq

IntelMQ is a solution for IT security teams for collecting and processing security feeds using a message queuing protocol.

2K 1K 315
3c7
malwarebazaar

Python based CLI for MalwareBazaar

2K 39 5
seanthegeek
yara-mail

A Python package and command line utility for scanning emails with YARA rules

2K 23 5
JPCERTCC
pyimpfuzzy

Fuzzy Hash calculated from import API of PE files

1K 90 18
ogre2007
yarobot

YARA generator inspired by yarGen

1K 3 0
anteater
anteater

Anteater - CI Validation Framework

1K 175 5
schirrmacher
malwi

malwi - AI Python Malware Scanner

895 6 1
atenreiro
opensquat

openSquat - Detection of domain squatting, typosquatting, IDN homograph attacks, and phishing threats

879 958 161
ysskrishna
shai-hulud-detector

A CLI tool to detect potential Shai Hulud npm-worm compromises in GitHub users and organizations.

864 3 0