rcanzanese/malwareharvester

malwareharvester

Tool for collecting and cataloging malware samples.

Collects malware samples from URL blacklists or from the filesystem. It crawls commonly used URL blacklists and also downloads and archives samples from MalShare. Collected samples are scanned using VirusTotal, and their metadata are stored in a MySQL database.

Database schema

Malware metadata are stored in a MySQL database in a table named malware.

The table must have, at a minimum, the following columns. Columns for the AV results are automatically created.

CREATE TABLE `malware` (
  `MD5` char(32) DEFAULT NULL,
  `SHA1` char(40) NOT NULL DEFAULT '',
  `Detectors` int(11) DEFAULT NULL,
  `Detections` int(11) DEFAULT NULL,
  `Verification` int(11) DEFAULT NULL,
  `DateAdded` datetime DEFAULT NULL,
  `TrID` text,
  `SourceURL` text,
  `Source` text,
  `Filename` text,
  `ScanDate` datetime DEFAULT NULL,
  `FirstSeen` datetime DEFAULT NULL,
  `LastSeen` datetime DEFAULT NULL,
  `LastUpdated` datetime DEFAULT NULL,
  PRIMARY KEY (`SHA1`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
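
One way the automatic AV-result columns could be created without letting engine names from a scan report reach the DDL unchecked. This is an added example, not the project's own code: it uses Python's sqlite3 as an offline stand-in for MySQL, and the `AV_` column prefix, the helper names `av_column` and `store_scan`, the meaning given to `Detectors` and `Detections` (engines reporting and engines flagging), and the sample report are all assumptions.

```python
import re
import sqlite3  # stand-in for MySQL so the example runs offline

def av_column(engine):
    """Turn an engine name from a scan report into a safe column name."""
    col = "AV_" + re.sub(r"[^A-Za-z0-9_]", "_", engine.strip())
    if col == "AV_" or len(col) > 64:  # 64 is MySQL's identifier length limit
        raise ValueError(f"unusable engine name: {engine!r}")
    return col

def store_scan(db, sha1, results):
    """Record one scan. results maps engine name -> label, or None if clean."""
    if not re.fullmatch(r"[0-9a-f]{40}", sha1):
        raise ValueError("SHA1 must be 40 lowercase hex characters")
    existing = {row[1] for row in db.execute("PRAGMA table_info(malware)")}
    values = {}
    for engine, label in results.items():
        col = av_column(engine)
        if col in values:
            raise ValueError(f"engine names collide on column {col}")
        if col not in existing:
            # Identifiers cannot be bound as parameters, so only the
            # allow-listed name from av_column() is ever interpolated.
            db.execute(f"ALTER TABLE malware ADD COLUMN {col} TEXT")
        values[col] = label
    values["Detectors"] = len(results)
    values["Detections"] = sum(1 for v in results.values() if v)
    # SQLite spelling; the MySQL equivalent is INSERT IGNORE.
    db.execute("INSERT OR IGNORE INTO malware (SHA1) VALUES (?)", (sha1,))
    assignments = ", ".join(f"{c} = ?" for c in values)
    db.execute(f"UPDATE malware SET {assignments} WHERE SHA1 = ?",
               (*values.values(), sha1))
    return sorted(c for c in values if c.startswith("AV_"))

def demo():
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE malware (SHA1 TEXT PRIMARY KEY, "
               "Detectors INTEGER, Detections INTEGER)")
    report = {  # constructed sample, not real scanner output
        "ExampleAV": "Trojan.Generic",
        "Other-Engine 2": None,
        "Bad`Name; --": "Worm.Test",
    }
    cols = store_scan(db, "a" * 40, report)
    row = db.execute("SELECT Detectors, Detections FROM malware").fetchone()
    return cols, row

if __name__ == "__main__":
    print(demo())
```

On MySQL the existing-column lookup would query `information_schema.columns` instead of `PRAGMA table_info`.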
