Open Source Malware Search Engine

chr0.ot writes "Metasploit creator HD Moore has released an open-source search engine that finds live malware samples through Google queries. From the article: 'The new Malware Search project provides a Web interface that allows anyone to enter the name of a known virus or Trojan and find Google results for Web sites hosting malicious executables.' The tool then searches for actual malware signatures and uses the signature output from ClamAV to find the name of the malware. This is then used in conjunction with a PE signature matching method to form a Google query. Afterwards the malware can then be downloaded directly from Google."

I wish google would incorporate this into searches

[transporter_ii]

I in no way think that google should block sites, but it would be nice if they would scan sites witht this -- especially for sites that install stuff through holes in IE -- and put a little icon on search results that return an infected site. That way you could at least have a heads up before you clicked on a search result about what you were getting into. It would also be great for Firefox, when everyone gets to see how many sites are exploiting IE.

Transporter_ii

the other way around?

[luag]

"to enter the name of a known virus or Trojan and find Google results for Web sites hosting malicious executables" we should be able to do it the other way around too. enter the url for websites we suspect first then list if the websites host malicious executables. imo its more useful that way :)