Show HN: Open-source tool to explore malware clusters and shared infrastructure
Category: security
Tags: malware-analysis, clustering, tlsh
Score: 4.8/10 (Innovation: 4, Technical: 5, Documentation: 5, Utility: 5)
This project provides a command-line tool and web interface for clustering and exploring malware samples using TLSH similarity search, updated daily via GitHub Actions. It is interesting because it helps analysts discover shared infrastructure and malware families by comparing hashes against a continuously growing database from MalwareBazaar.
Target audience: security analysts, malware researchers, threat intelligence teams
Repository: https://malwaresiblings.up.railway.app/ · Python · 1 star