malware-repo
============

Malware Repository Framework
Official page: https://www.adlice.com/download/mrf/

## Version 7.1
Renamed "groups" table to comply with MySQL reserved names (please launch Install script)  
Compatibility for MySQL 8.0  
Compatibility for PHP 8.2  
Fixed issue with group/ungroup  
Added libzip to DockerFile  
Small fixes  

## Version 7.0
!!IMPORTANT!! Migrated to Python 3  
!!IMPORTANT!! Replaced "automatic_upload" by "never_upload" in config, to avoid uploading private samples to 3rd party (see doc)  
Added Cron registration button  
Added Any.RUN feature, now can upload files and get score/report link  
Added version check (install page)  
Added dockerfile and docker-compose scripts, to easily create instance with Docker (see doc)  
Added samples comparison (ssdeep based)  
Added samples grouping  
Added group mention in discussions  
Added ability to download bulk as ZIP password protected  
Added per user Hybrid Analysis key (settings)  
Added ability for admins to create new users  
Fixed Hybrid Analysis score parsing  

## Version 6.2
Added profile page  
Added per user API key for VirusTotal (user settings)  
Added ability to dump PE section  
Added ability to dump PE resource  
Moved PE data storage to filesystem  
Moved Bin2Img data storage to filesystem  
Added email alerts (user settings)  
Added email alert on new sample comment  
Added email alert on new discussion answer  
Added YED scan results (Shows matching yara rules and threat name)  
Added author on discussion page  
Added Hybrid Analysis module  
Added PE certificates information (serial)  
Added Install script and shortcut in admin panel  
Fixed digisig display issue  
Fixed comments not removed if sample removed  
Fixed tag link  
Fixed discussions sorting  
Fixed discussion "resolved" style  
Fixed permissions issues in API

## Version 6.1
Added dashboard  
Added deferred scanning, performed by a dedicated Cron script  
Added default permissions on new user  
Added restrictions to actions on UI side  
Added ability to edit display name  
Added discussions  
Added ability to edit discussion  
Added public discussions  
Added notifications (sample scanned, VT analysis complete, Cuckoo analysis complete)  
Added notifications for discussions (new comment on my discussion, new comment of discussion I'm following)  
Added "public mode" for public repositories  
Added UI locks, so that users won't get displayed actions they can't perform  
Fixed copyright year  
Fixed URL tracker now checks if file exists before uploading  
Fixed PE strings module, now lising Unicode and Ansi strings  
Moved sample comments to a separate tab  
Fixed an issue with admin pages and pagination leading to a loss of configuration  
Fixed sample page doesn't load same data twice on tab switching  

## Version 6.0
Fixed URL duplicate issue  
Fixed Tags duplicate issue  
Added Ajax Pace everywhere (progress)  
Complete front-end refactoring using Ampleadmin theme  
Moved to datatables library  
Pagination refactoring  
Storage is now segmented this way: a/1/b/2/a1b2aaaaaaaaaaaaa, for better filesystem performances (run migrator)  
Replaced upload date by last seen date: uploading same file will update it and display the item at the top  
PHP7 support  
Added "analyzing..." label after all chunks are uploaded for better clarity  
Added search by MIME type  
Added search by time range  
Added PE Verson Info  
Added PE Resource icons  
Improved PE scan display  
Added removal confirmation everywhere  
Added remove old samples script in Cron  
Added ability to remove Cuckoo reports (cukoo tab)  
Added Cuckoo bulk submission  
Added VirusTotal bulk submission  
Added Cuckoo score  
Replaced comment field by a full commenting system  
Added URL tracker  
Added TrID module  
Added Bin2Img module  

## Version 5.1
Refactored pdfdata module, moving to peepdf library (PDFData module)  
Added Submit PDF streams back to the repository (PDFData module)  
Added Download PDF streams (PDFData module)  
Added Define Vendors priority for VirusTotal threat name copy (VT module)  
Added Automatic comment on VirusTotal upload (with config) (VT module)  
Added Raw strings extraction (PEData)  
Added Choose machine when submitting to Cuckoo (Cuckoo module)  
Added Choose options when submitting to Cuckoo (with config) (Cuckoo module)  

## Version 5.0
Complete refactoring with OOP  
Complete refactoring in a modular way  
Complete database schema refactoring (optimized for speed)  
Added "Refresh" button  
Added "Private" property, now owner/admin can lock down a sample to prevent write operations  
Added Imphash (PEData module)  
Added PDB path (PEData module)  
Added Office data module  
Added PDF data module  
Added digisig field into sample view  
Added HexView tab  
Added Statistics page  
Added Cuckoo page  
Changed comments font, now using Courier (fixed width font)  
Replaced search tab by a collapsable box  
Moved threat color decision to server side for better customization  
Fixed a bug in modal dialogs where scrollbars were not used  
Fixed a bug in bulk removal  
Fixed sporadic JS errors breaking the logic  
Removed Quick edit (deprecation)  

## Version 4.3
Added Bulk download  
Added ability to disable modules  
Added ssdeep scan  
Added PE scan  
Added MIME type  
Added program icon  
Added avatar on sample page  
Added PHP7 support  
Added ability to edit uploader 
Added Cuckoo combobox as filter   
Replaced old editor by tinymce editor  
Fixed delete button  
Fixed Cuckoo cron  
Fixed VirusTotal status (added "Not Checked")  
Fixed Github link target  
Fixed responsiveness  
Fixed sample page title  
Fixed dropdown menu on mobile devices  
Fixed URL search  
Fixed Comment truncated at 65k characters  
Fixed favorite filter display  
Fixed URLs display  
Fixed Cuckoo link on sample page  
Fixed CDN links  
Fixed incorrect VirusTotal scan display  
Fixed incorrect Cuckoo scan display  

## Version 4.2
Sample page  
Using new modular installer  
Changed favorite filter for a checkbox  
Added user rights management  
Now comments have a WISIWIG editor  
Added tooltip for bulk selection and favorite  
Added Github project link in the sidebar  
Added URLs description name  
Fixed Signout redirection issue  
Fixed bug when menu wasn't showing because of too few samples  
Fixed overwritting of existing sample  
Fixed menu not showing on IE/Chrome  
Fixed page scrolling on Editing/Save  
Fixed URLs search  
Fixed Comment/URLs refresh when re-opening modal editors

## Version 4.1
Added Clear filters button  
Performance improvments (queries optimizations)  
Fixed a bug preventing upload of archives  
Fixed a bug preventing upload of password protected archives  
Fixed a bug where DOCX and pseudo Zip files where extracted  
Fixed footer link  
Fixed short name with a new config field (on left panel collapsed)  
Fixed comment, url, tags search  
Added URLs filter  
Fixed responsiveness  
Fixed tooltips  
Added avatars in users management menus  

## Version 4.0
New UI, based on AdminLTE  
Using more recent versions of bootstrap and Jquery  

## Version 3.4
Cuckoo: Now you can rescan files  
Cuckoo: Fixed filename (useful for package selection)  
VirusTotal: Fixed filename  
Cuckoo: Added scan parameters in config file  
Fixed a bug preventing comment to be stored  
Fixed VirusTotal uploads with PHP 5.6+  
Fixed Cuckoo uploads with PHP 5.6+  

## Version 3.3
Added URLs to API  
Moved sample comment in meta table (!Breaks backward compatibility!)  
Cuckoo: now storing only database ID instead so that all links are dynamic (!Breaks backward compatibility!)  
Cuckoo: removed unused report field (!Breaks backward compatibility!)  
Cuckoo: compatible with version 2  
Cuckoo: Now able to retrieve and reference old sample reports  

## Version 3.2
Added EULA  
Added cron for VirusTotal and Cuckoo status refresh  
Added URLs sample information  
Added ability to send comment on VirusTotal  
Better tags search and storage  
Added ZIp extraction (no password for now)  
Now comment is displayed/modified into a modal dialog (this allows big comments)  

## Version 3.1
UI fixes  
UI improvements  
Added tags  
Added favorites  
Added more data collapsable row  
Moved some fields into collapsed row  
fixed a lot of bugs  

## Version 3.0
Code reorganization, with now only one config file to change  
Added installer script  
Moved filters into a search tab  
UI tweaks and improvements  

## Version 2.0
Yes, there's no version 1 :)  
Added REST API, even for the UI  
Added Authentication with UserCake. Every user has an API key.  
User can only delete/edit its own samples, unless the user is admin.  
Ability to send samples with REST API, an API key is needed.  
Now samples keep the uploader in database.  
Now samples have editable comment field. Comment can also be sent via API.  
Fixed a lot of bugs.  
Improved UI.  
Added ability to NOT automatically upload to VirusTotal  
Now deployment is easy with the install script  

## Version 0.4
Cuckoo reports are now saved on disk, locally. So that you don't need your cuckoo machine to be up and running to view a report.  
All queries are now properly escaped.  
Added VT score filter.  

## Version 0.3
Added VT re-scan button  
Added Cuckoo support, and cuckoo scan button + results  
Added pagination  
Fixed bugs  

## Version 0.2 
Added Edit button, can change vendor name  
Fixed VT scan when file is unknown  
Now files uploaded are shown first  

## Version 0.1
Initial release