Host and manage your own malware zoo
- Our rating
- Deployment Support
- Bug fixes
- Feature requests
- 20 hours/year
|License||Open Source (for private use), Premium|
|Operating System||Server (needs PHP, MySQL)|
|Tags||analysis automation database framework malware storage|
Description and Review
MRF (Malware Repository Framework) is able to uniquely identify a sample (with HASH) and keep essential information (size, original name) into a database for quick search. MRF is also able to query Virus Total for a report on uploaded samples, and display the score on the dashboard (plus store the information in the database).
You can also send tasks and retrieve results from a Cuckoo machine (optional, needs a cuckoo machine). MRF is built in a modular way, so that it's easy to add a new 3rd party scanner or analysis tool without reducing performance. Many others 3rd party scanners are built-in, like PE Data parser, PDF and Office documents parsers.
- Self-hosted solution (PHP/Mysql server needed).
- Can run on Synology NAS (with Web Station).
- REST API (submit, delete, update, get), with API Key.
- File upload with modified jquery-fileupload library.
- Authentication with modified UserCake library.
- Users Rights management.
- VirusTotal results (unknown samples can be uploaded).
- Cuckoo analysis (needs a properly configured and functional cuckoo machine).
- Samples ordered by descending date (limited to last 40 samples -by default-, with pagination).
- Search filters available.
- Threat name is picked from VT results in that order: Microsoft, Kaspersky, Bitdefender, Malwarebytes.
- Threat name can be edited.
- Can add comments on samples.
- Can add samples to favorites.
- Can add tags to samples.
- Can add urls to samples.
- Can lock a sample.
- PE parser module.
- PDF parser module.
- Office document parser module.
- Hex viewer.
- Statistics page.
- Cuckoo management page.
- Easy to customize, with only one config file to change.
|Source Code (github)||Download|