TekDefense

Top

Sponsor

Security Videos

Sunday

Dec092012

TekTip ep16 - Collect Malware with MWCrawler

Sunday, December 9, 2012 at 10:52AM

Description: mwcrawler is a simple python script that parses malicious url lists from well known websites (i.e. MDL, Malc0de) in order to automatically download the malicious code. It can be used to populate malware repositories or zoos.

https://github.com/ricardo-dias/mwcrawler/

Sources the script pulls from:

NovCon Minotaur: http://minotauranalysis.com/malwarelist-urls.aspx

Malware Domain List: http://www.malwaredomainlist.com/hostslist/mdl.xml

VX Vault: http://vxvault.siri-urz.net/URL_List.php

Malc0de: http://malc0de.com/rss

Malware Black List: http://www.malwareblacklist.com/mbl.xml

Sacour.cn: http://www.sacour.cn

Installation:

wget https://raw.github.com/ricardo-dias/mwcrawler/master/mwcrawler.py

chmod +x mwcrawler.py

*Requires BeautifulSoup 3.0.8 or greater

Usage:

./mwcrawler.py

./mwcrawler.py -t

*Thug is a Python low-interaction honeyclient aimed at mimicing the

behavior of a web browser in order to detect and emulate malicious

contents. https://github.com/buffer/thug

Admin |

Reader Comments

There are no comments for this journal entry. To create a new comment, use the form below.

Post a New Comment

Enter your information below to add a new comment.

My response is on my own website »

Author:

Author Email (optional):

Author URL (optional):

Post:

↓ | ↑

Some HTML allowed: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <code> <em> <i> <strike> <strong>