Malware collecting



Are there malware collectors around?

If so, how do you sort your collection in order to have unique samples? For renaming them by its MD5 hash is a good option.

Besides that, do you trade? I used to visit #vxers at Undernet and trade malwares with some people in early 2000. Now the channel is almost empty most of the time…

(fxbg) #2

GIthub has shit tons of repos like this


There was a post about this a few months ago on how to do it on your own, go check it out Run the Trap! How to Setup your own Honeypot to collect Malware samples

(Security Architect & Founder) #4

Yes @REal0day - get that malware collection in here!


There is also some guy on Twitter who shares his samples, particularly more advanced from APT Groups.



Very surprised none has mentioned theZoo , which is my favorite absolute collection


oh, I didnt know about that. thanks.


Yeah, this one I already knew… thanks anyway.


Theres also

  • Hybrid Analysis - link
  • VirusShare - link can torrent their entire collection (12 TB)
  • - link Malware searching capability and can request download (mainly to search for malware families)
  • Researcher owned collection - link Organized by APT group
  • VirusBay - link need an invite code to join but probably the best malware community out there
  • Malshare - link Public Cuckoo instance from which you can download samples from


If you want some B-S free mac malware samples go here
It also has some super cool tools (I use all of them)
I like how well documented the malware is also.

(Security Architect & Founder) #11

LOL - are you calling objective-see software malware?


Pal, don’t be so negative, it’s on the page you just didn’t look at it, there’s a section for mac malware, mac everything really, key loggers, adware etc… It’s cool you should check it out

(Security Architect & Founder) #13

Haha, I think I would of realised what you meant if you had posted:

and not the products page.


Sorry pal, enjoy the malware

(system) #15

This topic was automatically closed after 30 days. New replies are no longer allowed.