MalShare Java API client

MalShare is a free initiative for researchers to share malware samples for research purposes, which can be accessed via the website and via the API. Before open-sourcing this API client, there was no publicly supported Java library. The code can be found on Github. Below, more information on the usage is given, as well as a rationale on the code.

Table of contents


The API client contains several classes, where the MalShareApi class exposes the API’s functionality. Any exposed function returns either an object that contains the parsed values, or it returns a native byte array. The latter is used when downloading a sample.

Building it as a JAR that includes the dependencies can be done using the command that is given below.

mvn clean compile assembly:single


The MalShareApi object requires the API key in the constructor. The public functions of the class expose the API endpoints. The private functions, such as get and post, are used internally for the network connection. The additional classes are models that contain parsed data.

Release notes

Below, links are given to the blogs that contain the version specific release notes. The most recent release is the first link in the list.

To contact me, you can e-mail me at [info][at][maxkersten][dot][nl], send me a PM on Reddit or DM me on Twitter @Libranalysis.