The Malware Database (MalwareDB) is a project which maintains the bookkeeping of malicious and benign files to aid malware researchers, cybersecurity analysts, forensic investigators, and anyone else who finds themself with a lot of malware or unknown on their hands. The main objectives:

• Store the samples in a centralised manner for members of the team to retrieve.
• Use similarity hashes to find similarities between samples, and explore previously unknown connections.
• Categorise and organise the data by customisable tags and labels, to make it easier to control how data is shared or not shared.
• To be cross-platform and scalable.
• Development of some of the core functionality in such a way that they're usable in other projects.

The code is available on Github.

---

What works today:	What is planned or in-progress:	Non-features:
Submit & retrieve samples. Query MalwareDB for similar files based on given sample. Works on Intel machines, also tested on a Raspberry Pi.	Fully featured admin GUI tool to add/edit users, add/edit sources, add/edit tags & labels. Planned: Web interface. Planned: Train machine learning models based on the labeled data. New: Re-write in Rust!	MalwareDB is not and will not be a hosted web service. It is an on-premises program, and it's BYOM (bring your own malware). Make automated determinations as to which files are malicious or which are safe.

Last updated: 02 March 2023

info (AT) malwaredb (DOT) net