MalwareBazaarHunter is a Python tool that leverages the MalwareBazaar and VirusTotal APIs to automatically filter low-detection malware samples, helping security researchers identify potentially overlooked threats.

MalwareBazaarHunter

MalwareBazaarHunter is a Python-based security tool designed to fetch the latest malware samples from the MalwareBazaar API and then use the VirusTotal API to filter out samples based on their detection ratio. This helps security researchers quickly pinpoint potentially overlooked threats for further analysis.

Features

  • Sample Querying: Query the latest malware samples from the MalwareBazaar API using the specified tag, sample count, and file types.
  • Detection Ratio Filtering: Retrieve detection statistics from the VirusTotal API and filter samples based on a user-defined threshold.
  • Sample Downloading: Automatically download filtered malware samples with support for streaming large files.
  • Efficient HTTP Requests: Utilizes requests.Session to reuse connections and improve performance.
  • Robust Logging: Implements detailed logging using Python's built-in logging module for easier debugging and error tracking.

Installation

  1. Clone the Repository

    git clone https://github.com/yourusername/MalwareBazaarHunter.git
    cd MalwareBazaarHunter
  2. Set Up a Virtual Environment and Install Dependencies

    It is recommended to use a virtual environment:

    python3 -m venv venv
    # On Linux/MacOS:
    source venv/bin/activate
    # On Windows:
    venv\Scripts\activate

    Install the required package:

    pip install requests

Configuration

Before running the tool, update the following parameters in the main() function of the script:

  • VT_API_KEY: Your VirusTotal API key.
  • TAG: The malware tag to query (e.g., "rat").
  • TYPES: The malware file types to keep after filtering (e.g., ["exe", "js", "ps1", "msi", "bat", "lnk", "vbs"]).
  • AMOUNT: The number of malware samples to retrieve from MalwareBazaar (default is 50).
  • MAX_DETECTION_RATIO: The maximum detection ratio threshold (e.g., 0.2 for 20%).
  • DOWNLOAD_DIR: The directory where downloaded samples will be stored (default is samples).

Make sure to replace the placeholder API key with your actual VirusTotal API key.

Usage

Run the main script directly:

python main.py

The tool will perform the following steps:

  1. Query the MalwareBazaar API for the latest malware samples based on the specified tag.
  2. Retrieve each sample's detection ratio from the VirusTotal API.
  3. Filter out samples whose detection ratio exceeds the specified threshold and save the sample data in a JSON file within the results directory.
  4. Automatically download the filtered samples into the samples directory.
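Steps 2 and 3 above, shown as an added example that is not the project's own code: the detection ratio is computed from a VirusTotal v3 `last_analysis_stats` object (assumed keys `malicious`, `suspicious`, `undetected`, `harmless`), and samples are kept only when the file type matches TYPES and the ratio does not exceed MAX_DETECTION_RATIO. The sample records and stats below are constructed stand-ins for the two API responses; no network calls or downloads are made.

```python
import json

TYPES = ["exe", "js", "ps1", "msi", "bat", "lnk", "vbs"]
MAX_DETECTION_RATIO = 0.2

# Constructed stand-in for MalwareBazaar results, trimmed to the fields the filter uses.
BAZAAR_SAMPLES = [
    {"sha256_hash": "a" * 64, "file_type": "exe", "tags": ["rat"]},
    {"sha256_hash": "b" * 64, "file_type": "js", "tags": ["rat"]},
    {"sha256_hash": "c" * 64, "file_type": "docx", "tags": ["rat"]},  # type not in TYPES
    {"sha256_hash": "d" * 64, "file_type": "ps1", "tags": ["rat"]},   # no engine verdicts
    {"sha256_hash": "e" * 64, "file_type": "exe", "tags": ["rat"]},   # unknown to VirusTotal
    {"sha256_hash": "f" * 64, "file_type": "vbs", "tags": ["rat"]},
]

# Constructed stand-in for VirusTotal "last_analysis_stats" keyed by hash.
# A missing key models the 404 VirusTotal returns for a hash it has never seen.
VT_STATS = {
    "a" * 64: {"malicious": 5, "suspicious": 0, "undetected": 60, "harmless": 0},
    "b" * 64: {"malicious": 40, "suspicious": 2, "undetected": 20, "harmless": 0},
    "d" * 64: {"malicious": 0, "suspicious": 0, "undetected": 0, "harmless": 0},
    "f" * 64: {"malicious": 12, "suspicious": 0, "undetected": 58, "harmless": 0},
}


def detection_ratio(stats):
    """Fraction of engines that flagged the file as malicious.

    Returns None when there are no stats (hash unknown to VirusTotal) or when
    no engine produced a verdict, so the caller cannot mistake "no data" for
    "zero detections".
    """
    if stats is None:
        return None
    total = sum(stats.get(k, 0) for k in ("malicious", "suspicious", "undetected", "harmless"))
    if total == 0:
        return None
    return stats.get("malicious", 0) / total


def filter_samples(samples, stats_by_hash, types=TYPES, max_ratio=MAX_DETECTION_RATIO):
    """Keep samples of an allowed type whose detection ratio is at most max_ratio."""
    kept = []
    for sample in samples:
        if sample["file_type"] not in types:
            continue
        ratio = detection_ratio(stats_by_hash.get(sample["sha256_hash"]))
        if ratio is None or ratio > max_ratio:
            continue  # skip unknown/unscanned hashes and anything above the threshold
        kept.append({**sample, "detection_ratio": round(ratio, 3)})
    return kept


if __name__ == "__main__":
    print(json.dumps(filter_samples(BAZAAR_SAMPLES, VT_STATS), indent=2))
```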

Contributing

Contributions are welcome! Feel free to open issues or submit pull requests to help improve the project. Please adhere to the project's coding conventions and guidelines when contributing.

License

This project is licensed under the MIT License.


Note: This tool is intended for educational and security research purposes only. Please use it responsibly and in accordance with all applicable laws and regulations.
