Never Ending Security

It starts all here

Tag Archives: Maltrieve

Maltrieve – A tool to retrieve malware directly from the source for security researchers.


Maltrieve originated as a fork of mwcrawler.

This tool retrieves malware directly from the sources as listed at a number of sites, including:

These lists will be implemented if/when they return to activity.


  • Proxy support
  • Multithreading for improved performance
  • Logging of source URLs
  • Multiple user agent support
  • Better error handling
  • VxCage and Cuckoo Sandbox support



Basic execution: python


usage: [-h] [-p PROXY] [-d DUMPDIR] [-l LOGFILE] [-x] [-c]

optional arguments:
  -h, --help            show this help message and exit
  -p PROXY, --proxy PROXY
                        Define HTTP proxy as address:port
  -d DUMPDIR, --dumpdir DUMPDIR
                        Define dump directory for retrieved files
  -l LOGFILE, --logfile LOGFILE
                        Define file for logging progress
  -x, --vxcage          Dump the file to a VxCage instance running on the
  -c, --cuckoo          Enable cuckoo analysis

More information can be found at: