User guide
This guide will help you learn basic MWDB concepts step by step. It is not limited to the potential use cases of your own mwdb-core instance; it is also recommended for mwdb.cert.pl service users who want to improve their skills in exploring the MWDB database.
Contents:
- 1. Introduction to MWDB
- 2. Storing malware samples
- 3. Storing malware configurations
- 4. Storing human-readable data (blobs)
- 5. Tagging objects
- 6. Object attributes
- 7. Advanced search based on Lucene queries
  - Query syntax: fields
  - Query syntax: operators
  - Query syntax: ranges
  - Query syntax: timestamps
  - Query syntax: relative timestamps
  - Basic search fields
  - JSON fields (config.cfg:)
  - Favorites field (favorites:)
  - Comment author field (comment_author:)
  - Upload count field (upload_count:)
  - Group access queries (sharer:, shared: and uploader:)
  - Parent/child subqueries
  - Multi field (multi:)
  - Escaping special characters
  - Quick queries
- 8. Automating things using REST API and mwdblib
- 9. Sharing objects with other collaborators