{"id":13797190,"url":"https://github.com/deadbits/malware-analysis-scripts","last_synced_at":"2025-05-07T06:02:29.760Z","repository":{"id":26283467,"uuid":"29731042","full_name":"deadbits/malware-analysis-scripts","owner":"deadbits","description":"Collection of scripts for different malware analysis tasks","archived":false,"fork":false,"pushed_at":"2019-07-15T00:18:56.000Z","size":28,"stargazers_count":76,"open_issues_count":2,"forks_count":17,"subscribers_count":6,"default_branch":"master","last_synced_at":"2025-03-31T07:02:32.386Z","etag":null,"topics":["malware","malware-analysis","malware-research","reverse-engineering"],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/deadbits.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-01-23T12:08:17.000Z","updated_at":"2024-11-25T01:25:59.000Z","dependencies_parsed_at":"2022-08-26T21:19:47.378Z","dependency_job_id":null,"html_url":"https://github.com/deadbits/malware-analysis-scripts","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deadbits%2Fmalware-analysis-scripts","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deadbits%2Fmalware-analysis-scripts/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deadbits%2Fmalware-analysis-scripts/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/deadbits%2Fmalware-analysis-scripts/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/deadbits","do
wnload_url":"https://codeload.github.com/deadbits/malware-analysis-scripts/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252823910,"owners_count":21809711,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["malware","malware-analysis","malware-research","reverse-engineering"],"created_at":"2024-08-03T23:01:24.505Z","updated_at":"2025-05-07T06:02:29.676Z","avatar_url":"https://github.com/deadbits.png","language":"Python","readme":"[![Say Thanks](https://img.shields.io/badge/Say%20Thanks-!-1EAEDB.svg?style=flat)](https://saythanks.io/to/deadbits)\n\n# malware-analysis-scripts\nCollection of scripts for different malware analysis tasks\n\n## Introduction\nSome of these scripts are mine. Some of them are not. I have had many of these stored for a \nlong time and I will try to make sure credit for others' work is given where due, though \nsometimes I no longer know who the original author actually is. \n  \nIf you happen to see code you recognize here please let me know in an Issue so I can assign proper credit. \n  \nThis README will be used to keep track of the contents of this repo, what each script does and who the original authors are, if it is not myself. 
Each script may have its own documentation within it as well.\n\n\n## Contents\nSorted by author:\n  * getstatic.py (deadbits)\n  * getimps.py (deadbits)\n  * domain_registrant.py (deadbits)\n  * gozi-c2-craft.py (deadbits)\n  * malshare_dl.py (deadbits)\n  * http_forge.py (deadbits)\n  * irc_stealth.py (deadbits)\n  * local2splunk.py (deadbits)\n  * lookup_dns.py (deadbits)\n  * mass_nmap.py (deadbits)\n  * maz_slim.py (deadbits)\n  \n***\n  * memdump.c (travis montoya)\n  \n***\n  * blackenergy.py ([Malware.lu](http://www.malware.lu))\n  * bozok_config.py ([Malware.lu](http://www.malware.lu))\n  \n***\n  * vt-notify.rb (author unknown)\n  * binextract.py (author unknown)\n  * anubis.py (author unknown)\n  * decodebhek.py (author unknown)\n  * cifcsv.py (author unknown)\n  * magic.py (author unknown)\n  * match.py (author unknown)\n  * phpdecode.py (author unknown)\n  * xorencode.c (author unknown - maybe myself? really don't remember..)\n  * xortools.py (author unknown)\n  * fake_dns.py (author unknown)\n  \n***\n  * darkcomet_config.py ([r3shl4k1sh](https://bitbucket.org/r3shl4k1sh))\n   \n***\n  * atrax-root.py (siph0n)\n  \n***\n  * pescanner.py (Michael Ligh)\n  * avsubmit.py (Michael Ligh)\n  * db-artifacts.py (Michael Ligh)\n  \n***\n  * backtrack.py (Alexander Hanel)\n  * import_snapshop.py (Alexander Hanel)\n  * vt_pyscan.py (Alexander Hanel)\n  \n***\n  * AnalyzePE.py (hiddenillusion)\n  * IPInfo.py (hiddenillusion)\n  \n***\n  * Automater.py ([TekDefesene](http://www.tekDefense.com))\n  \n***\n  * wepewet.py (wepawet@cs.ucsb.edu)\n\n\n","funding_links":[],"categories":["\u003ca 
id=\"8c5a692b5d26527ef346687e047c5c21\"\u003e\u003c/a\u003e收集"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeadbits%2Fmalware-analysis-scripts","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdeadbits%2Fmalware-analysis-scripts","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdeadbits%2Fmalware-analysis-scripts/lists"}