Python Libraries

This page is a list of libraries that we have found useful for various projects written in Python, for purposes of DFIR and non-DFIR. Where possible, you will find download and documentation links, explanations of how it was beneficial, and maybe even some sample code. Hope this helps on your quest to learn Python.

Bottle permalink
Very simple web server framework
This server framework has some template functionality built to to give a bit of a PHP or ASP like feature to it, but its very lightweight and fast. It doesn't support some of the heavier features like SSL or authentication.
Native Lib: No
Python Ver: v2 & v3
Website: http://bottlepy.org/docs/dev/index.html
PIP: pip install bottle
Projects: Evolve

Biplist permalink
OS X binary plist parsing
This library gives python the ability to parse the data structures inside OS X & iOS binary plist files.
Native Lib: No
Python Ver: v2 & v3
Website: https://bitbucket.org/wooster/biplist
PIP: pip install biplist

Requests
HTTP for Humans
Requests allows you to send HTTP/1.1, without the need to manually add query strings or form-encoded data.
Native Lib: No
Python Ver: v2 and v3
Website: http://docs.python-requests.org
PIP: pip install requests
Project: MatchMeta.Info Morph

Shlex permalink
Text parsing
This library has a totally different purpose than what it has been helpful for. It excels at parsing CSV type data when there are single and double quotes involved.
Native Lib:Yes
Python Ver: v2 & v3
Website: https://docs.python.org/3/library/shlex.html

Twisted
Asynchronous Networking Framework
Focus on event-based network programming and multiprotocol integration.
Native Lib: No
Python Ver: v2 and v3
Website: https://twistedmatrix.com
PIP: pip install twisted
Project: MatchMeta.Info API