Sandbox_Scryer – Tool For Producing Threat Hunting And Intelligence Data From Public Sandbox Detonation Output

The Sandbox Scryer is an open-source tool for producing threat hunting and intelligence data from public sandbox detonation output The tool leverages the MITRE ATT&CK Framework to organize and prioritize findings, assisting in the assembly of IOCs, understanding attack movement and in threat hunting By allowing researchers to send thousands of samples to a sandboxRead More

Norimaci – Simple And Lightweight Malware Analysis Sandbox For macOS

[*] “Norimaci” is a simple and lightweight malware analysis sandbox for macOS. This tool was inspired by “Noriben“. Norimaci uses the features of OpenBSM or Monitor.app to monitor macOS system activity instead of Sysinternals Process Monitor (procmon). Norimaci consists of 3 Python scripts. norimaci.py : Main script openbsmconv.py : OpenBSM audit log converter monitorappconv.py :Read More

DRAKVUF Sandbox – Automated Hypervisor-Level Malware Analysis System

DRAKVUF Sandbox is an automated black-box malware analysis system with DRAKVUF engine under the hood, which does not require an agent on guest OS. This project provides you with a friendly web interface that allows you to upload suspicious files to be analyzed. Once the sandboxing job is finished, you can explore the analysis resultRead More

Wsb-Detect – Tool To Detect If You Are Running In Windows Sandbox ("WSB")

wsb-detect enables you to detect if you are running in Windows Sandbox (“WSB”). The sandbox is used by Windows Defender for dynamic analysis, and commonly manually by security analysts and alike. At the tail end of 2019, Microsoft introduced a new feature named Windows Sandbox (WSB for short). The techniques used to fingerprint WSB areRead More

Saferwall – A Hackable Malware Sandbox For The 21St Century

Saferwall is an open source malware analysis platform. It aims for the following goals: Provide a collaborative platform to share samples among malware researchers. Acts as a system expert, to help researchers generates an automated malware analysis report. Hunting platform to find new malwares. Quality ensurance for signature before releasing. Features Static analysis: Crypto hashes,Read More

X