A forum for reverse engineering, OS internals and malware analysis
Xylitol wrote:i've found this one http://www.malwaredump.com/Anyone who got an update on how MalwareDump is doing? They have not brought any update for a lot of time.
Welcome to the Cyber-TA
SRI Honeynet and BotHunter Malware Analysis
Automatic Summary Analysis Table
PUBLIC PAGE
Welcome: The malware infections displayed in our daily infection log summaries were harvested live from the SRI high-interaction honeynet. The daily infection logs (right) present each day's infection summary, and are 100% autogenerated and posted each morning (PT).
http://www.cyber-ta.org/releases/malwar ... sis/public
Emerging Threats
Emerging Threats is an open source community project now backed by Emerging Threats Pro. Through the support of our community we are able to produce the fastest moving and most diverse Suricata and Snort Rulesets and firewall rules available.
http://www.emergingthreats.net/index.ph ... e&Itemid=1
http://www.emergingthreats.net/index.ph ... &Itemid=38
http://rules.emergingthreats.net/blockrules
alliance.mwcollect.org
Since the mwcollect Alliance gives its members access to a huge amount of critical and sensitive data, registration is not open to anyone. Members do not only get access to a huge repository of malicious code, but they can also obtain sensitive information such as the addresses of other member's honeypots.
https://alliance.mwcollect.org/public/join_requirements
CloneRanger wrote:Here's a few more for you that "might" prove useful ;)Whats cool about Cyber-TA is even though, they don't allow you to pull the MD5 or PCAP normally. you can find the MD5 from the Data-Strings URL [Second to last URL]
Welcome to the Cyber-TA
SRI Honeynet and BotHunter Malware Analysis
Automatic Summary Analysis Table
PUBLIC PAGE
Welcome: The malware infections displayed in our daily infection log summaries were harvested live from the SRI high-interaction honeynet. The daily infection logs (right) present each day's infection summary, and are 100% autogenerated and posted each morning (PT).
http://www.cyber-ta.org/releases/malwar ... sis/public
CloneRanger wrote:@ mwilson
Hi, Thanks for the feedback, it's nice to know. & that you are able to make use of the www :)
*
Note to Admin/Mods
That www & the others i listed in the same post, havn't yet appeared in the Master List - http://www.kernelmode.info/forum/viewto ... f=16&t=308 - Is there a particular reason why ?
TIA
Since the mwcollect Alliance gives its members access to a huge amount of critical and sensitive data, registration is not open to anyone. Members do not only get access to a huge repository of malicious code, but they can also obtain sensitive information such as the addresses of other member's honeypots.How to download malware data from there?
To protect the Internet community, respectively mwcollect Alliance members, it must be ensured that no information is leaked from inside the Alliance to the outside. This requirement is fulfilled by the Database Content's License, which is automatically mutually agreed upon by both parties, the member and the Alliance upon usage of the mwcollect Alliance's database.
Because of thisI don't recall seeing that before !
How to download malware data from there?I see what you mean, obviously not directly. But at least the option is open for those that wish to participate, who can DL/share etc. So it is another source of Malware, which i thought could be useful to some people !
https://alliance.mwcollect.org/public/join_requirementsis not available because of outdated certificate ;)
Any member of the mwcollect Alliance has to contribute back, at least in the form of deployed and linked nepenthes sensors.- in such conditions it is very bold requirement! And sure
Members do not only get access to a huge repository of malicious code, but they can also obtain sensitive information such as the addresses of other member's honeypots.is a problem of administration, not members.
