Never Ending Security


Maltrieve – A tool to retrieve malware directly from the source for security researchers.

Maltrieve

Maltrieve originated as a fork of mwcrawler.

This tool retrieves malware directly from the sources as listed at a number of sites, including:

These lists will be implemented if/when they return to activity.

Improvements

  • Proxy support
  • Multithreading for improved performance
  • Logging of source URLs
  • Multiple user agent support
  • Better error handling
  • VxCage and Cuckoo Sandbox support

Dependencies

Usage

Basic execution: python maltrieve.py

Options

usage: maltrieve.py [-h] [-p PROXY] [-d DUMPDIR] [-l LOGFILE] [-x] [-c]

optional arguments:
  -h, --help            show this help message and exit
  -p PROXY, --proxy PROXY
                        Define HTTP proxy as address:port
  -d DUMPDIR, --dumpdir DUMPDIR
                        Define dump directory for retrieved files
  -l LOGFILE, --logfile LOGFILE
                        Define file for logging progress
  -x, --vxcage          Dump the file to a VxCage instance running on the
                        localhost
  -c, --cuckoo          Enable cuckoo analysis

More information can be found at: https://github.com/krmaxwell/maltrieve
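The README above only lists the flags; as an added example (not maltrieve's own code) the wrapper below composes a maltrieve.py command line from those documented options and then locks down the dump directory after a run: every retrieved file is hashed, renamed to its SHA-256 and made read-only so nothing in the directory is executed by accident. The rename-to-hash convention and the read-only step are my assumptions about how a researcher stores samples, not something the tool does.

```python
"""Compose a maltrieve.py invocation from its documented flags and inventory
the resulting dump directory. Added example, not part of maltrieve itself."""
import hashlib
import os
import shlex
from pathlib import Path


def build_maltrieve_argv(dumpdir, proxy=None, logfile=None,
                         vxcage=False, cuckoo=False):
    """Build argv for maltrieve.py using the -d/-p/-l/-x/-c options."""
    argv = ["python", "maltrieve.py", "-d", str(dumpdir)]
    if proxy:
        argv += ["-p", proxy]           # address:port, per the --proxy help text
    if logfile:
        argv += ["-l", str(logfile)]    # progress log (source URLs end up here)
    if vxcage:
        argv.append("-x")               # hand files to a local VxCage instance
    if cuckoo:
        argv.append("-c")               # enable Cuckoo analysis
    return argv


def quarantine_dumpdir(dumpdir):
    """Hash each retrieved file, rename it to its SHA-256 and strip all
    write/execute bits (assumed storage convention, not maltrieve behaviour).
    Returns {sha256: original_name} so the log's source URLs can be matched."""
    manifest = {}
    for path in sorted(Path(dumpdir).iterdir()):
        if not path.is_file():
            continue
        digest = hashlib.sha256(path.read_bytes()).hexdigest()
        target = path.with_name(digest)
        if target != path:
            if target.exists():         # duplicate sample: keep a single copy
                path.unlink()
            else:
                path.rename(target)
        os.chmod(target, 0o400)         # owner read-only, no execute bit
        manifest[digest] = path.name
    return manifest


if __name__ == "__main__":
    # Constructed paths; adjust to your own isolated analysis host.
    cmd = build_maltrieve_argv("/srv/samples", proxy="127.0.0.1:8080",
                               logfile="maltrieve.log", cuckoo=True)
    print(shlex.join(cmd))
```

Run maltrieve on a host that is isolated from production networks, then call `quarantine_dumpdir` on the same directory you passed with `-d`.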
