Malware Search Engine


HDM from the Metasploit project has released a malware search engine. This is an open tool based on a similar idea from Websense. HD's idea expands on the Websense code in several ways. First, it's an open project with code available. Second, it searches for actual malware signatures, rather than just .exe files. HD uses the signature output from ClamAV to find the name of the malware. This is then used in conjunction with a PE signature matching method to form a Google query. The malware can then be downloaded directly from Google.

We provided our malware database to HDM for use in the initial tool. The results of the Google downloads can be seen in the order-of-magnitude jump of our malware collection. Thanks, HDM!

Read the full EWeek interview with HDM here.