Malduck

* Big-endian pack/unpack in `malduck.ints`
* ELF detection in `malduck.extractor.extract_manager.push_file`
* Logging support in CLI + `Extractor.log` getter for Logger
* Bugfixes and additional type/argument validation checks (`yara_rules` type check in Extractor classes)

Bugfixes:
* fixed incompatibility with Python 2 (`exist_ok` argument in `os.makedirs` is Py3-only)
* fixed bug in `malduck.pe.PE.validate_padding`

Breaking changes:
* `malduck.hex` was renamed to `malduck.enhex` due to collision with built-in `hex`
* Removed `malduck cuckoomem.list` command from CLI tool

New features:
* **Yara-based engine for static configuration extractors** (`malduck.extractor`, currently should be considered "beta" - more information will be published soon)
* Wrapper for yara-python (`malduck.yara`) + support for Yara search in `ProcessMemory` objects (`procmem.yarav`)
* **Basic support for ELF format** (`malduck.procmemelf`)
* Removed closed source native modules (originated from roach)
* Added pure-Python aplib module
* Many small improvements

Fixes:
* Fix for "aplib decompress with empty buffer hangs forever"
* More robust `procmempe._load_image` and `procmempe.store` implementation
* Restructured and improved documentation readability

Fixed bugs:
* `procmempe.pe.section(...)` operations didn't work properly for PE images because of bugs in `malduck.pe.MemoryPEData` implementation
* Improved `procmempe.pe.validate_padding()` (`detect_image`)
* Added workaround for https://github.com/erocarrera/pefile/pull/266

New features:
* `detect_image` in procmempe (detect correct PE file and load with `image=True` if necessary)
* added LZNT1 decompression
* added `procmempe.store` and related `fixpe` tool in CLI


$ malduck fixpe malwr.bin malwr.exe