MWDB
CERT.pl malware repository and collaboration platform: samples, configs, tags, Karton pipeline integration, and REST API for teams.
Why it is included
Production-grade open warehouse for sharing malware artifacts—natural complement to MISP for file-centric workflows.
Best for
Research groups and ISACs needing a private VirusTotal-like corpus with controlled access.
Strengths
- Object model for samples
- Karton ecosystem
- API-first
Limitations
- Storing malware carries legal and compliance obligations; hardening the deployment is mandatory
Good alternatives
IntelOwl · Malware sharing via MISP objects only · commercial TI
Related tools
Security & Privacy
MISP
Threat intelligence sharing platform: IOCs, galaxies, taxonomies, sync between communities, and API automation.
IntelOwl
Analyze files, IPs, domains, and URLs in one request by fanning out to many free/TI analyzers (YARA, PE, DNS, etc.).
CAPEv2
Malware sandbox forked from the Cuckoo lineage: automated unpacking, configurable machinery, and rich reporting for analysts.
Volatility 3
Advanced memory forensics framework for extracting artifacts from RAM dumps across OS versions.
Ghidra
NSA-released reverse engineering suite: decompiler, disassembler, scripting, and collaboration features.
YARA
Pattern matching for malware researchers—rules over files, memory, and streams in IR pipelines.
