The Malware Database (MalwareDB) is an open-premises project which maintains the bookkeeping of malicious and benign files to aid malware researchers, cybersecurity analysts, forensic investigators, and anyone else who works with malware or file collections. The main objectives are:

• Store the samples in a centralized manner for members of the team to retrieve.
• Use similarity hashes to find similarities between samples, which may be previously unknown relationships.
• Categorize and organize the data by customizable hierarchical labels, to make it easy to develop your own queryable taxonomy for your dataset.
• To be cross-platform and scalable.
• Development of some of the core functionality in such a way that they're usable in other projects.
• Written in Rust for memory safety and speed, with unit tests & dependency management.

The source code is available on GitHub and mirrored on Codeberg. Binaries and containers are on GitHub.

---

What works today:	What is planned or in-progress:	Non-features:
Submit & retrieve samples. Searching based on similarity hashes or Yara rules. Python client (malwaredb on PyPI). Basic administration tools on the command line, and a GUI for simple admin editing. Developed and tested on Linux, macOS, FreeBSD; x86_64, aarch64, powerpc64le. CI ensures the client & server build on Windows arm64 & x86_64.	Planned: Fully featured admin GUI tool. Planned: Web interface. Planned: Support for Confidential Computing by running in Trusted Execution Environments, starting with Enarx.	MalwareDB is not and will not be a hosted web service. It is an on-premises program, and it's BYOM (bring your own malware). MalwareDB will not make automated determinations as to which files are malicious or which are safe.

Last updated: 26 January 2026

info (AT) malwaredb (DOT) net