Malware Collection Simplified

Nepenthes and mwcollect are merging into one project. So now instead of two different tools, mwcollect will be retired after the release of version 3.0.4 and focus will shift to Nepenthes with becoming the community portal. This a good news for Windows network operators because Nepethes is a powerful tool. 

Nepenthes works by emulating known vulnerabilities where its downloads any malware that tries to exploit those vulnerabilities. 
Current modules for Nepenthes allow it to emulate problems with DCOM, Local Security Authority Service (LSASS), WINS, ASN1, NetBIOS, SQL Server, and a lot more Microsoft services.

You can read more about the restructuring efforts
here . And you read about mwcollect and Nepenthes in my article, " Honeypots That Collect Malware ".

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.