Cuckoo Sandbox might be a bit more popular than AbuseIPDB. We know about 18 links to it since March 2021 and only 13 links to AbuseIPDB. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
Origin server only shows Cloudflare IP's so I decided to add this UA to my WAF with a Managed Challenge. After roughly 30 minutes and almost 100 hits on it CSR was 0%. Looking at the CF logs for the specific WAF shows IP's and locations from everywhere(US, UK, India, China, Nigeria, etc) and when I check IP's at abuseipdb.com they're all clean but none of them seem to get through the managed challenge. I removed... Source: 8 months ago
Switched to Maspik Anti-Spam, with a manually curated list of keywords, and integration with abuseipdb.com and proxycheck.io. But both of those were also causing false positives, especially from my co-worker who uses a virtual machine, so upped the tolerance to 70 on both. Source: 12 months ago
This install of Docker is only a few days old. Most of the IPs associated are showing "banned" on abuseipdb.com. Source: 12 months ago
People build lists like OP is all the time, have you seen https://abuseipdb.com/? Source: 12 months ago
To keep your Synology safe, regularly update list of blocked ip addresses. I'm using this script, which takes list of ip addresses from blocklist.de and abuseipdb.com and add them to my block list. I keep them blocked forever. Source: about 1 year ago
You can detonate it into a VM running an instance of Cuckoo Sandbox. If you want to go the extra mile, you can dump the memory of said VM and analyse it with Volatility Framework. Also, if you want to quickly identify behavioural patterns in executable code, you can use Mandiant's CAPA tool (though idk if it works on .pdfs). Source: 12 months ago
You should save a copy of the .exe, copy it into a VM running Cuckoo and get a report on exactly what the .exe does. Without this automated dissection, people are making educated guesses. They're probably right, but why not be certain? There is an online version too - https://cuckoosandbox.org. Source: 12 months ago
You could use a service like cuckoo to check links/files. Source: over 1 year ago
I made my own lab in college using a series of VM's, A windows 10 machine that was packed with analysis tools, a kali listening machine (running inetsim or fakenet, I can't remember.) and I had remnux on another machine (which I ended up not really making use of, but it was there.) I used virtualbox and ran these VM's in an internal network, no internet access. Disabled all clipboard and file sharing after... Source: over 1 year ago
Another option if you want to self-host is https://cuckoosandbox.org/ . Of note, it's currently an unmaintained project so issues may not receive support, but it is free. Source: over 1 year ago
URLscan.io - urlscan.io is a free service to scan and analyse websites. When a URL is submitted to urlscan.io, an automated process will browse to the URL like a regular user and record the activity that this page navigation creates.
Any.Run - Interactive malware hunting service. Any environments ready for live testing most type of threats.
Metadefender - Metadefender, by OPSWAT, allows you to quickly multi-scan your files for malware using 43 antivirus...
Sandboxie - Sandboxie is a program for Windows that is designed to allow the user to isolate individual programs on the hard drive.
Joe Sandbox - Automated Malware Analysis - Development and Licensing of Automated Malware Analysis Tools to Fight Malware
VirusTotal - VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick...