Nytro Posted December 27, 2011 Report Posted December 27, 2011 Cuckoo SandboxAutomated Malware Analysis System In three words, Cuckoo Sandbox is a malware analysis system. Its goal is to provide you a way to automatically analyze files and collect comprehensive results describing and outlining what such files do while executed inside an isolated environment. It's mostly used to analyze Windows executables, DLL files, PDF documents, Office documents, PHP scripts, Python scripts, Internet URLs and almost anything else you can imagine. But it can do much more... It's up to you to discover what and how. Some of the results that Cuckoo generates are: Trace of performed relevant win32 API calls Dump of network traffic generated during analysis Creation of screenshots taken during analysis Dump of files created, deleted and downloaded by the malware during analysis Trace of assembly instructions executed by malware process In addition, Cuckoo allows you to: Automate submission of analysis tasks Create analysis packages to define custom operations and procedures for performing an analysis Run multiple virtual machines concurrently Script the process and correlation of analysis results data Script and automate the generation of reports in the format you prefer Download Current Cuckoo Sandbox's version is 0.3. http://www.cuckoobox.org/downloads/0.3/cuckoo_0.3.tar.gzDocs: http://www.cuckoobox.org/doc/0.3/latex/CuckooSandbox.pdfDemo: Sursa: Cuckoo Sandbox Quote
