# Maltrieve – let’s go and find out hacker’s location!
Maltrieve retrieves malware directly from the location where the bad guys serve it. This allows researchers to acquire fresh samples, verify detection systems, and research infrastructure.
Maltrieve includes proxy support, multi-threading, Cuckoo submission, and categorization. The tool is community-developed and available under the terms of the GNU General Public License.
Maltrieve originated as a fork of mwcrawler. It retrieves malware directly from the sources listed at a number of sites, including:
– Malware Black List
– Malware Domain List
– VX Vault
Other improvements include:
– Proxy support
– Multithreading for improved performance
– Logging of source URLs
– Multiple user agent support
– Better error handling
– VxCage and Cuckoo Sandbox support