savory is a malware URL aggregator and intelligence system.
The following are key features of
Ability to aggregate an arbitrary number of malware sources and present them back to your in-house applications
Gathers over 100 pieces of information about malicious URLs that can be used later to enhance in-house tools
Tagging system allows for custom retrieval of only URLs that meet certain criteria
XML-RPC API able to control URL creation and facilitate creation of 3rd party inject tools
Customizable charts, tables, and reports that allow you to gain insight into the datasets. Supports embedded Splunk metrics as well.
Advanced authentication support and permissions system allows fine-grained access to savory. Authentication supports integration with your existing authentication systems
Integrated screenshot capability to view the badware URLs without having to actually visit them
Downloading of raw malware source for offline analysis
Integration with Bluecoat Web Proxy and InfoBlox DNS appliances to assist in blackholing domains
The application is modular in design and extendable, allowing for customization specific to your site.