Malware collecting

#1

Are there malware collectors around?

If so, how do you sort your collection in order to have unique samples? Renaming them by their MD5 hash is a good option.

Besides that, do you trade? I used to visit #vxers at Undernet and trade malware with some people in early 2000. Now the channel is almost empty most of the time…
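The renaming scheme mentioned in the first post, sketched as an added example that is not part of the thread: each file is stored under its hex digest, so a second copy of the same bytes collapses onto an existing name and is dropped. The function names and directory layout are assumptions, the sample files are constructed harmless byte strings, and `algo` defaults to MD5 as in the post (pass `"sha256"` where MD5 collisions are a concern).

```python
import hashlib
import os
import tempfile
from pathlib import Path


def file_digest(path, algo="md5", chunk_size=1 << 20):
    """Hash a file in chunks so large samples are never loaded whole into memory."""
    h = hashlib.new(algo)
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            h.update(chunk)
    return h.hexdigest()


def dedupe_by_hash(src_dir, dst_dir, algo="md5"):
    """Move each regular file under src_dir to dst_dir/<hexdigest>; drop exact duplicates.

    Files are only read and renamed, never executed. dst_dir must not live
    inside src_dir (assumption of this sketch). Returns (kept, duplicates).
    """
    src, dst = Path(src_dir), Path(dst_dir)
    dst.mkdir(parents=True, exist_ok=True)
    kept, duplicates = {}, []
    for path in sorted(p for p in src.rglob("*") if p.is_file() and not p.is_symlink()):
        digest = file_digest(path, algo)
        target = dst / digest
        if target.exists():
            # Same digest already stored: record the duplicate and remove this copy.
            duplicates.append(str(path))
            path.unlink()
        else:
            os.replace(path, target)  # atomic when src and dst share a filesystem
            os.chmod(target, 0o400)   # read-only, no execute bit
            kept[digest] = str(target)
    return kept, duplicates


def demo():
    """Run on constructed, harmless byte strings standing in for samples."""
    with tempfile.TemporaryDirectory() as tmp:
        src = Path(tmp, "incoming")
        (src / "sub").mkdir(parents=True)
        (src / "a.bin").write_bytes(b"constructed sample one")
        (src / "sub" / "copy_of_a.exe").write_bytes(b"constructed sample one")
        (src / "b.bin").write_bytes(b"constructed sample two")
        kept, dups = dedupe_by_hash(src, Path(tmp, "store"))
        return sorted(kept), len(dups)
```

Dropping the original extension is deliberate: a stored file named only by its digest cannot be launched by a double-click.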


(fxbg) #2

GitHub has shit tons of repos like this


#3

There was a post about this a few months ago on how to do it on your own, go check it out: Run the Trap! How to Setup your own Honeypot to collect Malware samples


(Security Architect & Founder) #4

Yes @REal0day - get that malware collection in here!


#5

There is also some guy on Twitter who shares his samples, particularly more advanced ones from APT groups.

-> https://twitter.com/0xffff0800


#6

Very surprised no one has mentioned theZoo, which is my absolute favorite collection: https://github.com/ytisf/theZoo


#7

Oh, I didn't know about that. Thanks.


#8

Yeah, this one I already knew… thanks anyway.


#9

There's also

  • Hybrid Analysis - link
  • VirusShare - link can torrent their entire collection (12 TB)
  • Malware.one - link Malware searching capability and can request download (mainly to search for malware families)
  • Researcher owned collection - link Organized by APT group
  • VirusBay - link need an invite code to join but probably the best malware community out there
  • Malshare - link Public Cuckoo instance from which you can download samples

#10

If you want some B-S free Mac malware samples, go here:
https://objective-see.com/products.html
It also has some super cool tools (I use all of them).
I also like how well documented the malware is.


(Security Architect & Founder) #11

LOL - are you calling objective-see software malware?


#12

Pal, don’t be so negative. It’s on the page, you just didn’t look at it. There’s a section for Mac malware, Mac everything really: key loggers, adware, etc… It’s cool, you should check it out.


(Security Architect & Founder) #13

Haha, I think I would have realised what you meant if you had posted:

and not the products page.


#14

Sorry pal, enjoy the malware

