A Modular Malware Configuration Extraction Tool using MalDuck

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for c3rb3ru5d3d53c from gravatar.com c3rb3ru5d3d53c

Unverified details

These details have not been verified by PyPI

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

Maintainer: c3r3b3ru5

Classifiers

Project description

Malware Configuration Extractor

build license pypi-version pypi-downloads pypi-wheel issues stars

logo

A Malware Configuration Extraction Tool and Modules for MalDuck

This project is FREE as in FREE :beer:, use it commercially, privately or however you see fit.

If you like this project and wish to donate :moneybag: to support the fight against malware...

Buy me a :tea:, as I don't drink :beer:, by sending me some ₿ to 16oXesi7uv3jdPZxxwarHSD2f3cNMpaih9

Installation:

sudo apt install -y python-virtualenv python-is-python3 git-lfs
git clone --recursive https://github.com/c3rb3ru5d3d53c/mwcfg.git
cd mwcfg/
virtualenv venv/
source venv/bin/activate
./setup.py install
git lfs --include tests/azorult.zip
unzip -P infected tests/azorult.zip tests/
mwcfg --input tests/azorult/ --modules modules/ --threads 4 --debug
mwcfg --input tests/azorult/ --list-modules

CLI Usage:

usage: mwcfg v1.0.0 [-h] [--version] [-i INPUT] -m MODULES [--list-modules] [-d] [-p] [-t THREADS] [-r] [-l LOG]

A Modular Malware Configuration Extraction Utility for MalDuck

optional arguments:
  -h, --help            show this help message and exit
  --version             show program's version number and exit
  -i INPUT, --input INPUT
                        Input File or Directory
  -m MODULES, --modules MODULES
                        Modules
  --list-modules
  -d, --debug           Debug
  -p, --pretty          Pretty Print Configs
  -t THREADS, --threads THREADS
                        Threads
  -r, --recursive       Recursive
  -l LOG, --log LOG     Log to File

Author: c3rb3ru5

Karton Framework Installation:

sudo apt install -y python-virtualenv python-is-python3 git-lfs
git clone --recursive https://github.com/c3rb3ru5d3d53c/mwcfg.git
cd mwcfg/
virtualenv venv/
source venv/bin/activate
./setup.py install
pip install karton-config-extractor
karton-config-extractor --config-file karton.ini --modules modules/

Contributing Modules:

Please refer to CONTRIBUTING.md

Additional Resources:

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for c3rb3ru5d3d53c from gravatar.com c3rb3ru5d3d53c

Unverified details

These details have not been verified by PyPI

View statistics for this project via Libraries.io, or by using our public dataset on Google BigQuery

Meta

Maintainer: c3r3b3ru5

Classifiers

Release history Release notifications | RSS feed

This version

1.0.1

1.0.0

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

mwcfg-1.0.1.tar.gz (5.8 kB view hashes)

Uploaded Source

Built Distribution

mwcfg-1.0.1-py3-none-any.whl (6.8 kB view hashes)

Uploaded Python 3

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page