Dailydave: Re: OffensiveComputing

[Dan Moniz <dnm () pobox com>]

val smith wrote:

[snip]

> The basic idea is a community site where you can search for malware based on
> name or md5sum and get zipped copies. People can upload malware and
> collaborate on analysis in a sort of a blog style. (think community
> commented disassemblies, graphs, ida databases, etc.)
>
> I know there are some problems with it such as md5sums aren't the best
> method for cataloging malware but its a start. And honestly most of the
> stuff I run across in general is not super sophisticated or polymorphic,
> etc.
>
> I've got some malware collection stuff to help add to the database and I
> have a small collection built up over the years that I am slowly adding.
>
> I've started it off with some copies of common stuff like welchia, sobig,
> the sony drm thing, etc. and some minimal analysis stuff.
>
> I'm open to any suggestions/contributions or even "this isn't a good idea
> because . . ."
You should also check out the MITRE Common Malware Enumeration (CME) 
project <http://cme.mitre.org/>

--
Dan Moniz <dnm () pobox com> [http://pobox.com/~dnm/]