Dailydave mailing list archives

Re: OffensiveComputing

From: Dan Moniz <dnm () pobox com>
Date: Fri, 09 Dec 2005 18:17:39 -0800

val smith wrote:

[snip]

The basic idea is a community site where you can search for malware based on
name or md5sum and get zipped copies. People can upload malware and
collaborate on analysis in a sort of a blog style. (think community
commented disassemblies, graphs, ida databases, etc.)

I know there are some problems with it such as md5sums aren't the best
method for cataloging malware but its a start. And honestly most of the
stuff I run across in general is not super sophisticated or polymorphic,
etc.

I've got some malware collection stuff to help add to the database and I
have a small collection built up over the years that I am slowly adding.

I've started it off with some copies of common stuff like welchia, sobig,
the sony drm thing, etc. and some minimal analysis stuff.

I'm open to any suggestions/contributions or even "this isn't a good idea
because . . ."

You should also check out the MITRE Common Malware Enumeration (CME)project <http://cme.mitre.org/>



--
Dan Moniz <dnm () pobox com> [http://pobox.com/~dnm/]

Current thread:

OffensiveComputing val smith (Dec 09)
- Re: OffensiveComputing Dan Moniz (Dec 09)
- Re: OffensiveComputing Dave Aitel (Dec 10)
  - Re: OffensiveComputing val smith (Dec 10)
  - Re: OffensiveComputing Thorsten Holz (Dec 11)
    - Exploit development weirdness RaMatkal (Dec 27)
    - Re: Exploit development weirdness Dave Aitel (Dec 27)
- Message not available
  - Fwd: OffensiveComputing val smith (Dec 10)
- Message not available
  - Re: OffensiveComputing val smith (Dec 10)
- <Possible follow-ups>
- Re: OffensiveComputing Jeffrey Denton (Dec 10)
  - Re: OffensiveComputing val smith (Dec 10)
    - Message not available
    - Re: OffensiveComputing val smith (Dec 10)