Host and manage your own malware zoo

  • Our rating
User Rating 4.44 (9 votes)
Malware Repository Framework (MRF) is a malware repository website, useful to manage your own malware zoo (for malware researchers mostly).
Choose your plan
  •    Support
  •    Updates
  •    Bug fixes
    Priority given to bug fixes
  •    Feature requests
    Priority given to feature requests


  • Email / Chat
    Email and Chat support
  • Free
    FREE Updates for the selected period
  • Top
    Top priority is given to the bug that impact you
  • Top
    Top priority is given to the features your request (if accepted)

IconDownload MRF
AuthorAdlice Software
File SizeUnknown
LicensePremium Only
Operating SystemServer (needs PHP, MySQL)
Tags   analysis     automation     database     framework     malware     storage  

MRF (Malware Repository Framework) is a private framework able to centralize all your malware files into the same place, as well as offering file analysis and 3rd party scanners.


MRF (Malware Repository Framework) is able to uniquely identify a sample (with HASH) and keep essential information (size, original name) into a database for quick search. MRF is also able to query Virus Total for a report on uploaded samples, and display the score on the dashboard (plus store the information in the database).

You can also send tasks and retrieve results from a Cuckoo machine (optional, needs a cuckoo machine). MRF is built in a modular way, so that it's easy to add a new 3rd party scanner or analysis tool without reducing performance. Many others 3rd party scanners are built-in, like PE Data parser, PDF and Office documents parsers.



  • Self-hosted solution (PHP/Mysql server needed).
  • Can run on Synology NAS (with Web Station).
  • REST API (submit, delete, update, get), with API Key.
  • Users Rights management.
  • VirusTotal results (unknown samples can be uploaded).
  • Cuckoo analysis (needs a properly configured and functional cuckoo machine).
  • Samples ordered by descending date with customable pagination.
  • Search filters.
  • Threat name is picked from VT results in that order: Microsoft, Kaspersky, Bitdefender, Malwarebytes.
  • Threat name can be edited.
  • Can add comments on samples.
  • Can add samples to favorites.
  • Can add tags to samples.
  • Can add urls to samples.
  • Can lock a sample.
  • PE parser module.
  • PDF parser module.
  • Office document parser module.
  • TrID module.
  • Binary image module.
  • Hex viewer.
  • Yara scanner (link to YED website).
  • Statistics page.
  • Cuckoo management page.
  • URL Tracker module: Let's you add url patterns to harvest.
  • Easy to customize, with only one config file to change.



Please refer to the general documentation.



Buy LicenseDownload