Just wanted to let you guys know about a new computer security site at http://www.offensivecomputing.net The purpose of this site is to foster collaborative analysis, cataloging and identification of malware in order to improve defense and awareness. This was something myself and other colleagues have seen the need for a long time but could never find anything similar because most malware collections are either closed lists or corporate non-public collections. This site is free and open to all. The basic idea is to have a community site where you can search for malware based on name or md5sum and get zipped copies. People can upload their own samples of malware and collaborate on analysis in a sort of a blog style. (think community commented disassembles, graphs, ida databases, etc.) I know there are some problems with the concept such as using md5sums but its a start and has proven useful already. I've got some malware collection stuff to help add to the database and I have a small collection built up over the years that I am slowly adding as well. I've started it off with some copies of common stuff like welchia, sobig, the sony drm rootkit, etc. and some minimal analysis. This is NOT another Vx'ers site and the purpose isn't to propagate worms or viruses but rather provide a medium for people to conduct collaborative defense research with full access to the tools and samples. We're interested in any feedback, collaborations, and ideas from the community and have already gotten a ton of response since launching last Friday. have a good one, V.
