Host and manage your own malware zoo
- Bug fixes
- Feature requests
- Email / Chat
|Operating System||Server (needs PHP, MySQL)|
|Tags||analysis automation database framework malware storage|
MRF (Malware Repository Framework) is able to uniquely identify a sample (with HASH) and keep essential information (size, original name) into a database for quick search. MRF is also able to query Virus Total for a report on uploaded samples, and display the score on the dashboard (plus store the information in the database).
You can also send tasks and retrieve results from a Cuckoo machine (optional, needs a cuckoo machine). MRF is built in a modular way, so that it's easy to add a new 3rd party scanner or analysis tool without reducing performance. Many others 3rd party scanners are built-in, like PE Data parser, PDF and Office documents parsers.
- Self-hosted solution (PHP/Mysql server needed).
- Can run on Synology NAS (with Web Station).
- REST API (submit, delete, update, get), with API Key.
- Users Rights management.
- VirusTotal results (unknown samples can be uploaded).
- Cuckoo analysis (needs a properly configured and functional cuckoo machine).
- Samples ordered by descending date with customable pagination.
- Search filters.
- Threat name is picked from VT results in that order: Microsoft, Kaspersky, Bitdefender, Malwarebytes.
- Threat name can be edited.
- Can add comments on samples.
- Can add samples to favorites.
- Can add tags to samples.
- Can add urls to samples.
- Can lock a sample.
- PE parser module.
- PDF parser module.
- Office document parser module.
- TrID module.
- Binary image module.
- Hex viewer.
- Yara scanner (link to YED website).
- Statistics page.
- Cuckoo management page.
- URL Tracker module: Let's you add url patterns to harvest.
- Easy to customize, with only one config file to change.
Please refer to the general documentation.