Free Malware Sample Sources for Researchers
A curated list of free sources where malware researchers can obtain samples for analysis, including MalwareBazaar, Hybrid Analysis, VirusShare, and vx-underground. Most require registration, and researchers should take precautions to avoid infecting themselves.
Malware researchers frequently seek malware samples to analyze threat techniques and develop defenses. In addition to downloading samples from known malicious URLs, researchers can obtain malware samples from the following free sources:
- ANY.RUN: Registration required
- Contagio Malware Dump: Curated, password required
- CAPE Sandbox: Registration required
- Hatching Triage: Registration required
- Hybrid Analysis: Registration required
- InQuest Malware Samples on GitHub
- MalShare: Registration required
- MalwareBazaar
- MalwareSamples Malware-Feed: Curated
- Malware DB
- Objective-See Collection: Mac malware
- DynamiteLab PCAPs: Malware inside downloadable PCAP files
- PolySwarm: Registration required
- theZoo aka Malware DB
- URLhaus: Links to live sites hosting malware
- VirusShare: Registration required
- VirusSign: Registration required
- Virus and Malware Samples: Includes APT, registration required
- vx-underground
- Yomi: Registration required
Be careful not to infect yourself when accessing and experimenting with malicious software. Do you know of other free malware sample sources that should be on this list? Let me know.
My other lists of online security resources outline Automated Malware Analysis Services and On-Line Tools for Malicious Website Lookups. Also, take a look at tips sharing malware samples with other researchers.