Malware Working Group
Resources
JAVASCRIPT/Embedded Malware Analysis Engines
- Wepawet
http://wepawet.iseclab.org/ - JSUnpack
http://jsunpack.jeek.org/
Malware Traits and Terminology
- Categories of Common Malware Traits
http://isc.sans.org/diary.html?storyid=7186 - Glossary of Common Spyware/Malware Terminology
http://www.antispywarecoalition.org/documents/2007glossary.htm
PE Binary Malware Analysis Engines
- CWSandbox
http://www.sunbeltsoftware.com/Malware-Research-Analysis-Tools/Sunbelt-CWSandbox/ - Anubis
http://anubis.iseclab.org/ - Norman Sandbox
http://www.norman.com/security_center/security_tools/en - ThreatExpert
http://www.threatexpert.com - Joe Security
http://www.joesecurity.org/
White Papers
Introduction to Malware Attribute Enumeration and Characterization (MAEC)
http://maec.mitre.org/about/docs/Introduction_to_MAEC_white_paper.pdf
Other Resources
OWASP Top 10
The goal of the Open Web Application Security Project (OWASP) Top 10 project is to raise awareness about application security by identifying some of the most critical risks facing organizations. The Top 10 project is referenced by many standards, books, tools, and organizations, including MITRE, Payment Card Industry Data Security Standard (PCI DSS), Defense Information Systems Agency (DISA), Federal Trade Commission (FTC), and many more.