Involved Projects and Packages
Python tools to analyze security characteristics of MS Office and OLE files (also called Structured Storage, Compound File Binary Format or Compound Document File Format), for Malware Analysis and Incident Response (DFIR)
Passivetotal provides a Python client library for the RiskIQ API
services. The library currently provides support for the following services:
- Passive DNS queries and filters
- WHOIS queries (search and details)
- SSL Certificates (search and details)
- Account configuration
- Site actions (tagging, classifying, etc.)
Disassemble p-code of VBA code in OLE2 documents.
Supports VBA5 (Office 97, MacOffice 98), VBA6 (Office 2000 to Office 2009) and VBA7 (Office 2010 and higher).
Parser implementation for the Public Suffix List in Python.
Supports IDN (Unicode or punycoded), with a built-in list and an updater script.
Implements the radix tree data structure for the storage and
retrieval of IPv4 and IPv6 network prefixes.
The radix tree is commonly used for routing table lookups. It efficiently
stores network prefixes of varying lengths and allows fast lookups of
This package includes the C-extension.
Insert annotations into your source code based on call arguments and return types observed at runtime.
PyMISP is a Python library to access MISP platforms via their REST API.
PyMISP allows you to fetch events, add or update events/attributes, add or update samples or search for attributes.
A simple importable Python module which will produce parsed WHOIS data for a given domain.
Able to extract data for all the popular TLDs (com, org, net, ...)
Query a WHOIS server directly instead of going through an intermediate web service like many others do.
Module for retrieving and parsing the WHOIS data for a domain.
A tool to automatically upgrade syntax for newer versions.
A Python docutils-compatibility bridge to CommonMark.
This allows you to write CommonMark inside of Docutils & Sphinx projects.
Documentation is available on Read the Docs:
Python implementation of Request Tracker (a ticketing system) REST API described here: https://rt-wiki.bestpractical.com/wiki/REST
A Python module for semantic versioning. Simplifies comparing versions.
See also http://semver.org/
Shodan is a search engine for Internet-connected devices. Google lets you search for websites, Shodan lets you search for devices. This library provides developers easy access to all of the data stored in Shodan in order to automate tasks and integrate into existing tools.
Sphinx extension for adding asyncio-specific markups
sphinxcontrib-fulltoc is an extension for the Sphinx documentation
system that changes the HTML output to include a more detailed table
of contents in the sidebar. By default Sphinx only shows the local
headers for the current page. With the extension installed, all of the
page titles are included, and the local headers for the current page
are also included in the appropriate place within the document.
A Python wrapper for ssdeep, which is a library for computing context triggered piecewise hashes (CTPH). Also called fuzzy hashes, CTPH can match inputs that have homologies. Such inputs
have sequences of identical bytes in the same order, although bytes in between these sequences may be different in both
content and length.
A Python client library for accessing messaging servers (such as ActiveMQ, Apollo or RabbitMQ) using the STOMP protocol versions 1.0, 1.1 and 1.2. It can also be run as a standalone, command-line client for testing.
termstyle is a Python library for adding coloured output to
terminal (console) programs. The definitions come from ECMA-048, the
"Control Functions for Coded Character Sets" standard.
This is a Python implementation of the Textile
(http://textism.com/tools/textile) markup language.
Textile is an XHTML generator using a simple markup developed by Dean
Allen. This is a Python port with support for code validation, itex to
MathML translation, Python code coloring and much more.
textX is a meta-language for building Domain-Specific Languages (DSLs) in Python.
It is inspired by Xtext.
In a nutshell, textX will help you build your textual language in an easy way.
You can invent your own language or build support for an already existing
textual language or file format.
From a single language description (grammar), textX will build a
parser and a meta-model (a.k.a. abstract syntax) for the language.
See the docs for the details.
textX follows the syntax and semantics of Xtext but differs in some places
and is implemented 100% in Python using Arpeggio PEG parser - no grammar
ambiguities, unlimited lookahead, interpreter style of work.
This library mocks all functions from Python's standard library that return the current date or datetime.
It can be used independently, as a function decorator, or as a context manager.
A Python library that helps users write deterministic tests for time-sensitive and I/O-intensive code.
Extract the top-level domain (TLD) from the URL given. The list of TLD names is
taken from Mozilla's public suffix list: