Description: TekTip - Ep16 - Collect malware with MWCrawler
Description: mwcrawler is a simple python script that parses malicious url lists from well known websites (i.e. MDL, Malc0de) in order to automatically download the malicious code. It can be used to populate malware repositories or zoos.
https://github.com/ricardo-dias/mwcrawler/#readme
Sources the script pulls from:
NovCon Minotaur: http://minotauranalysis.com/malwarelist-urls.aspx
Malware Domain List: http://www.malwaredomainlist.com/hostslist/mdl.xml
VX Vault: http://vxvault.siri-urz.net/URL_List.php
Malc0de: http://malc0de.com/rss
Malware Black List: http://www.malwareblacklist.com/mbl.xml
Sacour.cn: http://www.sacour.cn
Installation
wget https://raw.github.com/ricardo-dias/mwcrawler/master/mwcrawler.py
chmod +x mwcrawler.py
*Requires BeautifulSoup 3.0.8 or greater
Usage:
./mwcrawler.py
./mwcrawler.py -t
*Thug is a Python low-interaction honeyclient aimed at mimicing the
behavior of a web browser in order to detect and emulate malicious
contents. https://github.com/buffer/thug
FIN
Tekdefense.com
1aN0rmus@tekdefense.com
http://www.securitytube.net/user/1aN0rmus
www.youtube.com/user/TekDefense
Tags: Malc0de , Malware , Malware analysis , Minotaur , VX Vault , collect , malware domain list , mwcrawler , python , sacour.cn , thug , zoo , 1aN0rmus , TekDefense , TekTip ,
Disclaimer: We are a infosec video aggregator and this video is linked from an external website. The original author may be different from the user re-posting/linking it here. Please do not assume the authors to be same without verifying.