It has been some time since I posted about the Cuckoo Sandbox. The good news is that the people at the Cuckoo Foundation have not been silent and have released Cuckoo Sandbox 2.0.7, with lots of improvements, code cleanup, support for VirtualBox 6 and the well deserved support for MITRE ATT&CK TTP detection. Read more about UPDATE: Cuckoo Sandbox 2.0.7
Unprotect Project: Classify Malwares Based on Known Evasion Techniques
One of the first steps in learning about a malware sample is to check whether it is evasive in any sense and then proceed accordingly. The Unprotect Project helps you do this easily. It is an open source project in Python that proposes a classification of malware based on its evasive capabilities, to help you understand and analyze it. The project caters to Windows PE malware only.
UPDATE: Cuckoo Sandbox 2.0.4
My previous post was about this open source malware analysis automation framework - Cuckoo Sandbox 2.0.0. This post, however, is about an update to the framework. We now have Cuckoo Sandbox 2.0.4, which includes a number of important improvements that simplify and improve your experience, while additional functionality surfaces more of the collected information.
Pharos: A Static Binary Analysis Framework
All of us know what static binary analysis means: the analysis of a binary is performed without actually executing it. Almost two years ago, Pharos, an open source framework created by the Carnegie Mellon SEI CERT Division in collaboration with the Lawrence Livermore National Laboratory, was released. This post is about the framework, which supports reverse
Al-Khaser: A Benign Malware to Test Your Anti Malware
There is an idiom: use a thorn to remove a thorn. Tools like Al-Khaser cement this idiom. It is an open source, benign malware to test how good your anti-malware or local security product is. It does so by implementing tactics commonly used by actual malware and testing them on your system. What is Al-Khaser? Al-Khaser is a benign, proof-of-concept malware