As the best way to learn is to read the code, do you know where I can find malware/virus/whatever source code to read?
4 Answers
Update: I added the link below after reading a Twitter message
"Links and resources for malware samples"
http://contagiodump.blogspot.com/2010/11/links-and-resources-for-malware-samples.html
Malware specific:
If you have money: http://www.frame4.net/home
Free (and paid): http://www.offensivecomputing.net/
Exploits:
http://www.exploit-db.com/
"The Exploit Database (EDB) – an ultimate archive of exploits and vulnerable software. A great resource for penetration testers, vulnerability researchers, and security addicts alike. Our aim is to collect exploits from submittals and mailing lists and concentrate them in one, easy to navigate database."
http://www.packetstormsecurity.org/ is another one
These are exploit, advisory and vulnerable-app repositories; there are no malware samples as far as I know. – Nov 14 '10 at 11:07
I may have taken the ‘whatever source’ from the question too liberally – I added a couple malware specific resources, thanks! – Tate Hansen Nov 15 '10 at 03:36
exploit-db.com does not offer any malware source code. It only lists vulnerabilities of known 'innocent' and widely used software. – May 06 '14 at 15:00
Here are different samples of malware: http://forums.malwarebytes.org/index.php?showforum=51. Also, you can set up a honeypot (like this: http://code.mwcollect.org/projects/show/mwcollectd) to collect samples on your own.
If you're willing to contribute back, set up your machine with the Dionaea honeypot and enable XMPP support. You could leech malware from your friends out there.
Also, if you extend your Dionaea config a bit and apply for a "freelance" account with http://alliance.mwcollect.org you could get access to their bulky malware repositories and automatically download Windows malware as you wish.
Milla's (contagiodump) blog is pretty good too. Recently she updated her blog with mobile malware.
The SecurityFocus website often has exploit code for vulnerabilities reported there.
SecurityFocus has been known to manipulate exploits so they no longer compile and/or run. – ewanm89 Jul 17 '12 at 00:15