Site feature requests
Val says I can start this discussion, so here I go.
A number of features appear to be missing. Apologies if it's there and I didn't see it.
-There ought to be links to the various AV sites and their analysis and name(s) for the sample. I see some of them already have aggregate scan results, those should be turned into fields and links.
-I assume the scan is done once at submission time. There should be a backend process that periodically rescans samples, to reflects changes in the signature databases.
-There ought to be a bunch more cross-reference type fields. Specific examples:
--Does it use an exploit? If so, then link to BugtraqID, CVE, etc...
--Link to CME number
--What platform(s) does it affect?
--What is it packed with?
--What is it written in?
--General malware classifications (worm, virus, etc..)
-Is there a list of samples that need analysis (haven't been analyzed yet.) Or in general, a todo list for contributors? Any of the fields above could be blank, it would be nice to throw those into a work queue.
-Set up a backend IDA collaboration server, ala OpenRCE.
Just brainsotrming... I'm sure there's lots more.