mirror of
https://github.com/ytisf/theZoo.git
synced 2026-02-21 11:18:08 +00:00
Fix Readme
This commit is contained in:
Yuval Nativ
123
README.md
Normal file
123
README.md
Normal file
@@ -0,0 +1,123 @@
|
||||
About
|
||||
======
|
||||
Malware DB is a project created to make the possibility of malware
|
||||
analysis open and available to the public. Since we have found out
|
||||
that almost all versions of malware are very hard to come by in a
|
||||
way which will allow analysis we have decided to gather all of them
|
||||
for you in an available and safe way.
|
||||
|
||||
|
||||
Disclaimer
|
||||
==========
|
||||
Malware DB's purpose is to allow the study of malware and enable
|
||||
people who are interested in malware analysis or maybe even as
|
||||
a part of their job to have access to live malware, analyse the
|
||||
ways they operate and maybe even enable advanced and savvy
|
||||
people to block specific malwares within their own environment.
|
||||
|
||||
|
||||
GPL 3
|
||||
======
|
||||
Malware DB - the most awesome free malware database on the air
|
||||
Copyright (C) 2014, Yuval Nativ, Lahad Ludar, 5fingers
|
||||
|
||||
This program is free software: you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation, either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
|
||||
|
||||
Documentation and Notes
|
||||
========================
|
||||
|
||||
# Background:
|
||||
The idea behind Malware DB it to allow it to be modular and let
|
||||
you enter more malwares of your own. Each malware should have a
|
||||
directory of it's own.
|
||||
|
||||
|
||||
# Root Files:
|
||||
The main files you see on the root folder are:
|
||||
1. index.csv - The main index of the malwares you have
|
||||
access to and can be searched in your
|
||||
local folders.
|
||||
2. malware-db.py - The main indexing file. Use it to
|
||||
search for malware in the index.csv
|
||||
file on the same folder.
|
||||
3. Rebuild_CSV.sh - Rebuilds index.csv based on the
|
||||
index.log files in all the recursive
|
||||
directories.
|
||||
|
||||
|
||||
# Directory Structure:
|
||||
Each directory is composed of 5 files:
|
||||
1. Malware files in an encrypted ZIP archive.
|
||||
2. SHA256 sum of the 1st file.
|
||||
3. MD5 sum of the 1st file.
|
||||
4. Password file for the archive.
|
||||
5. index.log file for the indexer.
|
||||
|
||||
|
||||
# Structure of index.csv
|
||||
The main index.csv is the DB which you will look in to find
|
||||
malwares indexed on your drive. We use the , charachter as
|
||||
the delimiter to our CSVs.
|
||||
The structure is al follows:
|
||||
|
||||
uid,location,type,name,version,author,language,date
|
||||
|
||||
UID - Determined base on the indexing process.
|
||||
Does not really have any purpose yet.
|
||||
Location - The location on the drive of the malware
|
||||
you have searched for. This and the UID
|
||||
field are automatically built on run
|
||||
by Rebuild_CSV.sh.
|
||||
Type - Sorts the different types of malware there are
|
||||
So far we sort by: Virus
|
||||
Trojans
|
||||
Botnets
|
||||
Ransomeware
|
||||
Spyware
|
||||
Name - Just the name of the malware.
|
||||
Version - Nothing to say here as well.
|
||||
Author - ... I'm not that into documentation...
|
||||
Language - VB/C/ASM/C++/Java or binaries (bin)
|
||||
Date - See 'Author' section.
|
||||
|
||||
|
||||
# Structure of index.log:
|
||||
index.log is about the only file which we cannot built
|
||||
automatically and you will need to write it down for your
|
||||
self.
|
||||
The structure is to be:
|
||||
|
||||
type,name,version,author,language,date,
|
||||
|
||||
Don't worry about the UID and Location section which are
|
||||
not there, they will be built by Rebuild_CSV.sh while it
|
||||
collects data on the malwares.
|
||||
|
||||
|
||||
Bugs and Reports
|
||||
================
|
||||
The repository holding all files is currently
|
||||
https://github.com/ytisf/theZoo
|
||||
|
||||
Stuff which are in the making:
|
||||
1. More precise searching and indexing including
|
||||
platform and more.
|
||||
2. We have about 400 more malwares to map and add
|
||||
3. Git update of platform and new malware.
|
||||
4. Fix display of search.
|
||||
|
||||
If you have any suggenstions or malware that you have indexed
|
||||
as in the documentations please send it to us to yuvaln210 [at]
|
||||
gmail so we can add it for every one's enjoyment.
|
||||
Reference in New Issue
Block a user