Dailydave mailing list archives

OffensiveComputing


From: val smith <mvalsmith () gmail com>
Date: Fri, 9 Dec 2005 18:33:05 -0700

Hi there,

I know some of the people on this list and I've lurked here for a long time
so I thought there might be some interest in a project I've been working on
for a little while.

http://www.offensivecomputing.net

I know there are a couple of things similar (like Pedram's openrce and
Hoglund's rootkits.com) but I haven't found anyone doing exactly this so I
thought there might be a need or use for it in the community.

The basic idea is a community site where you can search for malware based on
name or md5sum and get zipped copies. People can upload malware and
collaborate on analysis in a sort of a blog style. (think community
commented disassemblies, graphs, IDA databases, etc.)

I know there are some problems with it such as md5sums aren't the best
method for cataloging malware but it's a start. And honestly most of the
stuff I run across in general is not super sophisticated or polymorphic,
etc.

I've got some malware collection stuff to help add to the database and I
have a small collection built up over the years that I am slowly adding.

I've started it off with some copies of common stuff like Welchia, Sobig,
the Sony DRM thing, etc. and some minimal analysis stuff.

I'm open to any suggestions/contributions or even "this isn't a good idea
because . . ."

thanks!

V.
