About
MalwareBazaar is a project operated by abuse.ch. The purpose of the project is to collect and share malware samples, helping IT-security researchers and threat analysts protecting their constituency and customers from cyber threats.
If you are a vendor and you would like to use data provided by MalwareBazaar, please have a quick look at the following pages:
Partners
MalwareBazaar has integrated data and services from:
Hybrid Analysis
Hybrid Analysis - free malware analysis service that detects and analyzes unknown threats
Users
The following tools, products and services are using MalwareBazaar:
Technology
MalwareBazaar uses the following tools and services:
- Fastly as Content Delivery Network (CDN)
- Google Cloud Storage for storing malware samples
- Google Compute Engine for virtual machines
- Google Cloud SQL as database backend
- Ubuntu as prefered server OS
- Apache as prefered webserver
- Python as prefered scripting language
- PHP as prefered web scripting language
- Google Charts for generating statistics and charts
- Chart.js for generating statistics and charts
- Bootstrap for web design
- Font Awesome icons
- jQuery JavaScript library
- Bootstrap Tags Input for malware sample tagging (web)
- clipboard.js for web copy&paste functionality
- FAMFAMFAM flags
- Twitter OAuth for authentication
- MaxMind GeoLite2 Free for geo location
- ClamAV antivirus engine
- Trend Micro TLSH fuzzy matching library
- Trend Micro ELF Hash (telfhash) fuzzy matching library for ELF
- ssdeep fuzzy matching library
- yara pattern matching
- humanhash for generating Human-readable digests
- oletools for analyzing office documents
- gimphash to calculate an imphash equivalent for Go binaries
- Magika for AI powered file type identification
- TrID for file type identification
Special thanks
Special thanks to:
- @viql for beta testing
- @cocaman for beta testing, providing spam trap data and his git repository