Malduck

Latest version: v4.4.1


Page 2 of 5

4.1.0

New features and improvements:
- crypto: Added `chacha20` and `salsa20` ciphers (https://github.com/CERT-Polska/malduck/pull/46)
- crypto: Added `camellia` cipher (https://github.com/CERT-Polska/malduck/pull/48, thanks to malwarefrank for the contribution!)
- pe: `malduck.pe.PE.resources` returns None instead of propagating the exception from pefile if the PE file doesn't have a correct resource section (https://github.com/CERT-Polska/malduck/pull/49)
- Added PEP 561 typing stub (https://github.com/CERT-Polska/malduck/pull/50)

4.0.3

Bugfixes:
- Fixed regression in `idamem`
- Small fixes in documentation

4.0.2

Bugfixes:

- Fixed premature file/mmap closing in ProcessMemory objects
- Logging stacktrace (with `debug` level) when something bad happens in the `ProcessMemory.image` property getter

4.0.1

- Minor bugfixes

4.0.0

Breaking changes:

- Dropped support for Python 2
- Unified malduck interface:
  - Dropped `malduck.short` module: all features are exposed directly by `malduck` module
  - Unified `crypto` interface - the only allowed variants are listed below:
    - `aes.<mode>.encrypt()`, `aes.<mode>.decrypt()`
    - `blowfish.ecb.encrypt()`, `blowfish.ecb.decrypt()`
    - `des3.cbc.encrypt()`, `des3.cbc.decrypt()`
    - `serpent.cbc.encrypt()`, `serpent.cbc.decrypt()`
    - `rabbit()`
    - `rc4()`
    - `xor()`
- Removed `length` argument from `aplib()` (deprecated from 2.x)
- Removed `pe2cuckoo` function (orphaned a long time ago)
- `Extractor.handle_yara` is deprecated. If you want to customize the ripping process and the `Extractor.*` decorators don't cover your needs, use `Extractor.handle_match`, which provides extended Yara match information.
- Disassemble methods return an iterator instead of a list (`procmem.disasmv`, `malduck.disasm`)

New features and improvements:
- Added `Extractor.rule` and `Extractor.string` decorators (5 and 6)
- Added opt-in extended Yara match structures:
  - optional `extended` argument in `procmem.yarap/yarav` methods and `malduck.yara.Yara.match` method
  - in place of `YaraRulesetOffsets` (`YaraMatches` alias) and `YaraRuleOffsets` (former `YaraMatch`), extended match uses more verbose structures: `YaraRulesetMatch`, `YaraRuleMatch` and `YaraStringMatch`. They're provided via new extractor methods: `handle_match` and methods decorated with `rule` and `string`
  - everything is opt-in: `handle_yara`, `extractor` and `final` are unaffected, so modules should stay compatible.
- `bigint()` is deprecated in favor of `bigint.pack` and `bigint.unpack` methods. The `bigint()` method switched between string and integer representations, which was unintuitive. Added big-endian variants: `bigint.pack_be` and `bigint.unpack_be` (https://github.com/CERT-Polska/malduck/issues/10)
- Disassemble methods (`procmem.disasmv`, `malduck.disasm`) accept an additional argument: `count` of instructions.
- Added typings
- Various small bugfixes

3.2.0

**v3.2.x is planned to be the last minor release that supports Python 2**

New features and improvements:
- Added `--version` switch to malduck CLI
- Added `.encrypt()` methods to all supported ciphers in `crypto` module
- `malduck.short` module is deprecated, all components should be imported directly from `malduck` module. Elements that are not part of interface can be imported directly from subpackages.
- Unified `crypto` module interface and deprecated shortcut variants due to inconsistency between various algorithms and modes. Changes can be found in the documentation or in https://github.com/CERT-Polska/malduck/pull/8
- [cryptography](https://pypi.org/project/cryptography/) is no longer used in malduck (in favor of [PyCryptodome](https://pypi.org/project/pycryptodome/))

Bugfixes:
- Fixed extractor module loader in `extractor` module: some modules were not properly loaded from `sys.modules` cache so they were executed after each creation of `malduck.extractor.ExtractorModules` object.
- Tuples can be included in config - fixed `encode_for_json`
- Fixed issues in documentation
