The Malware Database (MalwareDB) is a project which maintains the bookkeeping of malicious and benign files to aid malware researchers, cybersecurity analysts, forensic investigators, and anyone else who finds themself with a lot of malware or unknown on their hands. The main objectives are:

• Store the samples in a centralized manner for members of the team to retrieve.
• Use similarity hashes to find similarities between samples, which may be previously unknown relationships.
• Categorize and organize the data by customizable hierarchical labels, to make it easy to develop your own queryable taxonomy for your dataset.
• To be cross-platform and scalable.
• Development of some of the core functionality in such a way that they're usable in other projects.
• Written in Rust for memory safety and speed, with unit tests & dependency management.

The code is available on Github and mirrored on Codeberg. There's also an experimental Dockerfile.

---

What works today:	What is planned or in-progress:	Non-features:
Submit & retrieve samples. Searching based on similarity hashes. Basic administration tools on the command line, and a GUI for simple admin editing. Developed and tested on Linux, macOS, FreeBSD; x86_64, aarch64, powerpc64le. CI ensures the client & server build on Windows arm64 & x86_64.	Planned: Fully featured admin GUI tool. Planned: Web interface. Planned: Support for Confidential Computing by running in Trusted Execution Environments, starting with Enarx.	MalwareDB is not and will not be a hosted web service. It is an on-premises program, and it's BYOM (bring your own malware). MalwareDB will not make automated determinations as to which files are malicious or which are safe.

Last updated: 05 May 2025

info (AT) malwaredb (DOT) net