Since releasing the malpdfobj tool (~24 hours), I have been running and testing it. I found a couple bugs that caused issues when inserting some samples into the database, but those are all now fixed (and documented on github). The current code deployed to github takes in all of my 50 some malware samples and inserts them into the mongo database.
Anyone running their own MongoDb locally can run the same tool and store their own data, but the problem I hear when doing this work is having a lack of samples. I don’t have a huge amount, but I wanted to release a dump of my mongo collection filled with all my samples. While they are not the binaries themselves, they do provide a lot of information that should be useful. At this point I need to sit down and read up on how to query Mongodb to get exactly what I want. As I go through this process I will write up my results and release my tools.
Click here to download the mongodb dump.