Host and manage your own malware zoo

  • Our rating
User Rating 4.5 (4 votes)
Malware Repository Framework (MRF) is a malware repository website, useful to manage your own malware zoo (for malware researchers mostly).
Choose your plan
  •    Deployment Support
    If support is given for deployment
  •    Bug fixes
    Priority given to bug fixes
  •    Feature requests
    Priority given to feature requests


  • 20 hours/year
    Up to 20 hours per year purchased is allowed
  • Top
    Top priority is given to the bug that impact you
  • Top
    Top priority is given to the features your request (if accepted)

Open Source

$0Private use only
  • No support
  • Low
  • Low

IconDownload MRF
AuthorAdlice Software
File SizeUnknown
LicenseOpen Source (for private use), Premium
Operating SystemServer (needs PHP, MySQL)
Tags   analysis     automation     database     framework     malware     storage  

MRF (Malware Repository Framework) is an OPEN SOURCE framework able to centralize all your malware files into the same place, as well as offering file analysis and 3rd party scanners.


MRF (Malware Repository Framework) is able to uniquely identify a sample (with HASH) and keep essential information (size, original name) into a database for quick search. MRF is also able to query Virus Total for a report on uploaded samples, and display the score on the dashboard (plus store the information in the database).

You can also send tasks and retrieve results from a Cuckoo machine (optional, needs a cuckoo machine). MRF is built in a modular way, so that it's easy to add a new 3rd party scanner or analysis tool without reducing performance. Many others 3rd party scanners are built-in, like PE Data parser, PDF and Office documents parsers.



  • Self-hosted solution (PHP/Mysql server needed).
  • Can run on Synology NAS (with Web Station).
  • REST API (submit, delete, update, get), with API Key.
  • File upload with modified jquery-fileupload library.
  • Authentication with modified UserCake library.
  • Users Rights management.
  • VirusTotal results (unknown samples can be uploaded).
  • Cuckoo analysis (needs a properly configured and functional cuckoo machine).
  • Samples ordered by descending date (limited to last 40 samples -by default-, with pagination).
  • Search filters available.
  • Threat name is picked from VT results in that order: Microsoft, Kaspersky, Bitdefender, Malwarebytes.
  • Threat name can be edited.
  • Can add comments on samples.
  • Can add samples to favorites.
  • Can add tags to samples.
  • Can add urls to samples.
  • Can lock a sample.
  • PE parser module.
  • PDF parser module.
  • Office document parser module.
  • Hex viewer.
  • Statistics page.
  • Cuckoo management page.
  • Easy to customize, with only one config file to change.



Source Code (github)Download