CAPE: Malware Configuration Extraction

These details have not been verified by PyPI

Project description

CAPE-parsers

CAPE core and community parsers

Configs structure

CNCs: []
campaign: str
botnet: str
dga_seed: hex str
version: str
mutex: str
user_agent: str
build: str
cryptokey: str
cryptokey_type: str (algorithm). Ex: RC4, RSA public key. salsa20, (x)chacha20
raw: {any other data goes here}

All CNC entries should be in URL format. aka <schema>://<hostname>:<port>/<uri>
- Schema examples: tcp://, ftp://, udp://, http(s), etc.
- Old CAPE configs still have lack of this structures as most of them are dead families.
- This CNC simplification make it easier to parse with tools like tldextract or urlparse

Project details

These details have not been verified by PyPI

Release history Release notifications | RSS feed

0.1.62

Feb 5, 2026

0.1.61

Dec 19, 2025

0.1.60

Dec 10, 2025

0.1.59

Dec 9, 2025

0.1.58

Nov 24, 2025

0.1.57

Nov 17, 2025

0.1.56

Nov 11, 2025

This version

0.1.55

Nov 5, 2025

0.1.54

Nov 3, 2025

0.1.53

Nov 2, 2025

0.1.52

Oct 27, 2025

0.1.51

Oct 3, 2025

0.1.50

Sep 9, 2025

0.1.49

Sep 2, 2025

0.1.48

Aug 17, 2025

0.1.47

Aug 8, 2025

0.1.46

Aug 7, 2025

0.1.45

Jul 31, 2025

0.1.44

Jul 23, 2025

0.1.42

Jul 8, 2025

0.1.41

Jul 8, 2025

0.1.38

Jul 8, 2025

0.1.37

Jun 27, 2025

0.1.36

Jun 4, 2025

0.1.35

May 20, 2025

0.1.34

May 10, 2025

0.1.33

May 5, 2025

0.1.32

Mar 4, 2025

0.1.31

Mar 4, 2025

0.1.29

Feb 13, 2025

0.1.28

Feb 11, 2025

0.1.27

Feb 10, 2025

0.1.26

Jan 29, 2025

0.1.25

Jan 29, 2025

0.1.24

Jan 29, 2025

0.1.23

Jan 29, 2025

0.1.22

Jan 27, 2025

0.1.20

Jan 8, 2025

0.1.18

Jan 7, 2025

0.1.17

Dec 30, 2024

0.1.15

Dec 11, 2024

0.1.14

Dec 4, 2024

0.1.13

Nov 27, 2024

0.1.12

Nov 25, 2024

0.1.10

Nov 14, 2024

0.1.9

Nov 14, 2024

0.1.8

Nov 12, 2024

0.1.7

Nov 12, 2024

0.1.6

Nov 12, 2024

0.1.4

Nov 1, 2024

0.1.3

Nov 1, 2024

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

cape_parsers-0.1.55.tar.gz (142.4 kB view details)

Uploaded Nov 5, 2025 Source

Built Distribution

If you're not sure about the file name format, learn more about wheel file names.

The dropdown lists show the available interpreters, ABIs, and platforms. Enable javascript to be able to filter the list of wheel files.

cape_parsers-0.1.55-py3-none-any.whl (196.8 kB view details)

Uploaded Nov 5, 2025 Python 3

File details

Details for the file cape_parsers-0.1.55.tar.gz.

File metadata

Download URL: cape_parsers-0.1.55.tar.gz
Upload date: Nov 5, 2025
Size: 142.4 kB
Tags: Source
Uploaded using Trusted Publishing? Yes
Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for cape_parsers-0.1.55.tar.gz
Algorithm	Hash digest
SHA256	`adf3fd63575877e1396eaffdda808e09a945663bc3e4b54870108b0bcbf9fbec`
MD5	`33e44658cf6148ef38dd6a3ad225daae`
BLAKE2b-256	`d05d25daf2b95ac577abef39c1b8ff6185455009083319050d6ac64928c567de`

See more details on using hashes here.

Provenance

The following attestation bundles were made for cape_parsers-0.1.55.tar.gz:

Publisher: publish.yml on CAPESandbox/CAPE-parsers

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Statement:
- Statement type: https://in-toto.io/Statement/v1
- Predicate type: https://docs.pypi.org/attestations/publish/v1
- Subject name: cape_parsers-0.1.55.tar.gz
- Subject digest: adf3fd63575877e1396eaffdda808e09a945663bc3e4b54870108b0bcbf9fbec
- Sigstore transparency entry: 670226958
- Sigstore integration time: Nov 5, 2025
Source repository:
- Permalink: CAPESandbox/CAPE-parsers@7d34594b49b49674bd95a0d37d7acd8d9d0ba35b
- Branch / Tag: refs/tags/v0.1.55
- Owner: https://github.com/CAPESandbox
- Access: public
Publication detail:
- Token Issuer: https://token.actions.githubusercontent.com
- Runner Environment: github-hosted
- Publication workflow: publish.yml@7d34594b49b49674bd95a0d37d7acd8d9d0ba35b
- Trigger Event: release

File details

Details for the file cape_parsers-0.1.55-py3-none-any.whl.

File metadata

Download URL: cape_parsers-0.1.55-py3-none-any.whl
Upload date: Nov 5, 2025
Size: 196.8 kB
Tags: Python 3
Uploaded using Trusted Publishing? Yes
Uploaded via: twine/6.1.0 CPython/3.13.7

File hashes

Hashes for cape_parsers-0.1.55-py3-none-any.whl
Algorithm	Hash digest
SHA256	`a0d637d7550fd68c3c2de5a060dcfbaa26657ac5d30109039d9b85a44b3708e9`
MD5	`34d9058221351c5366147678779c073c`
BLAKE2b-256	`65926f49b74e39ee5d915b05e7d8726c578b7e93e24253cafa5aa2138a67d4cb`

See more details on using hashes here.

Provenance

The following attestation bundles were made for cape_parsers-0.1.55-py3-none-any.whl:

Publisher: publish.yml on CAPESandbox/CAPE-parsers

Attestations: Values shown here reflect the state when the release was signed and may no longer be current.

Statement:
- Statement type: https://in-toto.io/Statement/v1
- Predicate type: https://docs.pypi.org/attestations/publish/v1
- Subject name: cape_parsers-0.1.55-py3-none-any.whl
- Subject digest: a0d637d7550fd68c3c2de5a060dcfbaa26657ac5d30109039d9b85a44b3708e9
- Sigstore transparency entry: 670227016
- Sigstore integration time: Nov 5, 2025
Source repository:
- Permalink: CAPESandbox/CAPE-parsers@7d34594b49b49674bd95a0d37d7acd8d9d0ba35b
- Branch / Tag: refs/tags/v0.1.55
- Owner: https://github.com/CAPESandbox
- Access: public
Publication detail:
- Token Issuer: https://token.actions.githubusercontent.com
- Runner Environment: github-hosted
- Publication workflow: publish.yml@7d34594b49b49674bd95a0d37d7acd8d9d0ba35b
- Trigger Event: release

CAPE-parsers 0.1.55

Navigation

Verified details

Maintainers

Unverified details

Meta

Classifiers

Project description

CAPE-parsers

Configs structure

Project details

Verified details

Maintainers

Unverified details

Meta

Classifiers

Release history Release notifications | RSS feed

Download files

Source Distribution

Built Distribution

File details

File metadata

File hashes

Provenance

File details

File metadata

File hashes

Provenance