import information from MalwareBazaar

aboutcode-org / vulnerablecode

A free and open vulnerabilities database and the packages they impact. And the tools to aggregate and correlate these vulnerabilities. Sponsored by NLnet https://nlnet.nl/project/vulnerabilitydatabase/ for https://www.aboutcode.org/ Chat at https://gitter.im/aboutcode-org/vulnerablecode Docs at https://vulnerablecode.readthedocs.org/

https://public.vulnerablecode.io

Apache License 2.0

532 stars 200 forks source link

import information from MalwareBazaar #761

Open armijnhemel opened 2 years ago

armijnhemel commented 2 years ago

MalwareBazaar has information about various malware files, including various hashes (md5, sha1, sha256, ssdeep, imphash, tlsh). Though no CVE identifiers are linked it is an easy to process data format (CSV, with only very little cleanup needed) and it might be useful to import.

https://bazaar.abuse.ch/export/

armijnhemel commented 1 year ago

As a template or inspiration please look at:

https://github.com/armijnhemel/binaryanalysis-ng/blob/master/maintenance/database/malwarebazaarimporter.py https://github.com/armijnhemel/binaryanalysis-ng/blob/master/maintenance/database/README-malwarebazaar.md

(and no, don't worry about the license or creating a derivative work)