Skip to content

Latest commit

 

History

History
102 lines (67 loc) · 7.01 KB

README.md

File metadata and controls

102 lines (67 loc) · 7.01 KB

Malware Sample Sources - A Collection of Malware Sample Repositories

Requests Welcome HitCount GitHub stars

Logo

This is a project created to make it easier for malware analysts to find virus samples for analysis, research, reverse engineering, or review. Malware can be tricky to find, much less having a solid understanding of all the possible places to find it, This is a living repository where we have attempted to document as many resources as possible in order to make your job easier. Please be sure to exercise EXTREME CAUTION when handling these files because as you well know, they have been designed and developed with malicious intent by their original authors. We believe in transparency and helping the good guys have the right access and tools they need to rip these malicious files apart.

We welcome all requests and contributions!

Please remember that these are live and dangerous malware! Do NOT run them unless you are absolutely sure of what you are doing! They are to be used only for educational purposes only. !!!

We highly recommend reviewing these files in a pristine sandboxed environment or in a dedicated Virtual Machine that has no Internet access. If you are not careful, you will infect yourself or others with dangerous malware!!!


NO REGISTRATION REQUIRED

The following repositories are the easiest to get started with because they require no registration or special access. You can simply go to the website and download a file immidateily.

New and Maintained

Name URL Description
Malware Feed https://github.com/MalwareSamples/Malware-Feed Collection of malware recently developed organized by Threat Reports from CISA, FBI, Antivirus companies and others. Designed to make it easier to find samples tied to a given alert notice or publication.
The Zoo https://github.com/ytisf/theZoo Organized Collection by Family spanning a few years. Also known as "Malware DB" https://thezoo.morirt.com.
Malware Samples https://github.com/fabrimagic72/malware-samples Small collection of malware organized by family.
Malware Archive https://github.com/jstrosch/malware-samples Variety of malware samples, freshly maintained. Contains binaries, memory dumps, and office documents.
InQuest https://github.com/InQuest/malware-samples A collection of malware samples and relevant dissection information, most probably referenced from their Blog or Twitter Feed.
MalwareBazaar https://bazaar.abuse.ch/ Run by abuse.ch. The purpose of the project is to collect and share malware samples, helping IT-security researchers and threat analysts protecting their constituency and customers from cyber threats.
VX Underground https://vx-underground.org/samples.html

Old and Outdated

Name URL Description
Das Malwerk https://dasmalwerk.eu Miscellaneous collection of malware samples by Robert Svensson. Doesn't appear to be updated.
HynekPetrak https://github.com/HynekPetrak/javascript-malware-collection old Javascript Malware Collection.
WolfVan https://github.com/wolfvan/some-samples Medium collection of samples captured with honeypots.
MalWAReX https://github.com/0x48piraj/MalWAReX Mostly Remote Access Trojan (RAT) samples.
MalwareTech https://github.com/RamadhanAmizudin/malware Small collection of malware sources and samples leaked online.
Mustafa https://github.com/mstfknn/malware-sample-library Small collection of APT malware.
Objective-See https://objective-see.com/malware.html Very small archive of MAC (Apple) malware by family.

REGISTRATION REQUIRED

Name URL Description
Virus Samples https://virussamples.com Enterprise and Free feeds available. Massive repository and archive.
VirusShare https://virusshare.com/ VirusShare is a service hosted and maintained by Corvus Forensics.
MalQuarium https://malquarium.org/ Small archive of samples mostly from MalShare and URLHaus. Web based malware repository.
MalShare https://malshare.com Free Malware repository run by Silas Cutler.
Contagio http://contagiodump.blogspot.com/ Blog that is updated from time to time with interesting samples. Not an archive.
PolySwarm https://polyswarm.io Blockchain based Antivirus Aggregation engine that allows you to download certain samples with registration.
VirusTotal https://www.virustotal.com Antivirus Aggregation engine that allows you to download certain samples with registration.
VirusBay https://beta.virusbay.io/ Small community drive malware collection.
VirusSign https://virussign.com VirusSign offers a collection of high quality malware samples in various categories. 500/day are free.

Sandbox Platforms

Name URL Description
Any.run https://app.any.run interactive online sandbox with lots of options.
Hatching Triage https://tria.ge/dashboard Sandbox where you can submit files of your own and download others.
Hybrid Analysis https://www.hybrid-analysis.com/ Free malware analysis service for the community that detects and analyzes owned by Crowdstrike.
SNDBOX https://app.sndbox.com/ Currently under maintenance.

Old and Outdated

Name URL Description
KernelMode https://kernelmode.info Forum for malware analysis and discussion. Not an archive. Doesn't seem to be maintained.

OTHER

Name URL Description
PacketTotal https://packettotal.com Malware inside downloadable PCAP files.
Malware Traffic Analysis https://www.malware-traffic-analysis.net/ Blog style lists of various pcap files and malware samples for analysis. They are structured in an exercise format for learning.
URLhaus https://urlhaus.abuse.ch/browse/ Another project by the kind folks at abuse.ch. Contains links to live sites hosting malware, also known as malicious URLS.

END

Thanks for you interest!

Brought to you by the Virus Samples Team at https://VirusSamples.com.