Quick backstory. I do MSP work and a chunk of my week is triage. Something pops on an endpoint, you get a family name back from whatever tool flagged it, and now you're trying to figure out if this thing is a banker, a loader, a wiper, ransomware, whatever. Half the time the top Google hit is a vendor blog from 2019 with a popup begging you to download a whitepaper. The other half is some forum thread where the actual useful comment got deleted.
So I made a thing. It's just a static site with one page per malware family. 2,899 of them, pulled from the EMBER 2018 list (Endgame's dataset, the one a lot of ML-for-malware papers train against). Each family gets its own URL like /families/emotet.html, /families/trickbot.html and so on. Nothing fancy. No JS framework. Just HTML you can land on from a search result and read in two seconds.
Live here if you want to poke at it: https://jordanricky1604-ship-it.github.io/malware-families-catalog/
Why bother. Honestly because I kept hitting the same wall. You're on a call, the SOC analyst on the other side says "we're seeing Qakbot", and you want a one-pager you can skim while they keep talking. Not a 40 page report. Not a paywall. Just "here's what this is, here's what it usually does, here's a couple of references." That's the whole pitch.







