Cuckoosandbox - An automated malware analysis tool

in #steemhunt, 8 years ago (edited)



Hunter's comment

Cuckoo sandbox is a tool for performing automated malware analysis. This tool, when used in the correct context, is an excellent tool for analysing new malware. This is no replacement for static analysis with a tool like IDA Pro by a malware professional. Cuckoo sandbox is meant to be used for analysis.

Cuckoo sandbox can be used to analyze URLs, executables, PDFs, Office docs, even emails. Cuckoo sandbox works by spinning up a clean VM (which will be running the OS of your choice, either OSX, Linux, Windows or Android). When the virtual machine starts up, Cuckoo sandbox monitors the clean VM for any changes to the operating system and can even be used to monitor the network traffic. This tool is incredibly powerful, open source and can be modified to your liking. For example, the security guru Brad Spender built a modified version of Cuckoo (which is unfortunately no longer maintained) called "Cuckoo Modified", which added interesting modifications like the ability to send the malicious traffic from the virtual machine over Tor, along with other interesting features and hardening.

The first time I heard of Cuckoo I was highly critical, because I had heard of malware that can detect if it is running in a virtualized environment; this is true to some extent. If this bothers you, Cuckoo Sandbox can even be installed on actual hardware, although this is a very tedious process. In my experience, malware had no problem running in a virtual machine on Cuckoo Sandbox. The ideal Cuckoo sandbox setup would consist of multiple virtual machines to run malware on. For example, a virtual machine running Windows XP, Windows Vista, Windows 7, Windows 8 and another running Windows 10. There are some websites that run a public-facing version of Cuckoo sandbox, which you can use to test Cuckoo sandbox if you are too lazy to install it.
One of them, which is in the process of relaunching, you can have a look at: https://malwr.com/


Link

https://cuckoosandbox.org


Contributors

Hunter: @shebeleeza



Steemhunt.com

This is posted on Steemhunt - A place where you can dig products and earn STEEM.

Hi @shebeleeza, could you maybe edit and format your hunt so that it's easy to read?

Sure will do. If I edit on steemit frontend will the change reflect on the steemhunt frontend?

Updated it. Let me know if that is what you had in mind or if I should clean it up some more. Thanks.

Great hunt @shebeleeza! This hunt has been verified and approved by the Steemhunt Moderation Team. Great job! Happy hunting.

Thanks for your help and time!

Here is a cool, semi-up-to-date tutorial on how to install Cuckoo sandbox: https://tom-churchill.blogspot.com/2017/08/setting-up-cuckoo-sandbox-step-by-step.html. This is also where I got the image from for this hunt.
