Any.Run VS Bubblewrap

Https://app.any.run/ should be enough for most of the cases. If you have packed/encrypted sample (like EMP.dll from Empress), you can't do anything. Source: 11 months ago

If you open it on https://app.any.run it will show you the outbound connections it makes. If you're responsible for such things, you could then block this on your web proxy/firewall/whatever. Source: 12 months ago

Hello! Try this https://app.any.run/. Source: about 1 year ago

Does anyone have an account at app.any.run to have more analysis about their file? Source: about 1 year ago

App.any.run was probably the most useful thing in getting to understand how malware works, its basically an sandbox where it shows you all actions, changes, modifications and network connections done by any executable, including any malware, you can begin by analyzing this piece of Redline Stealer. Source: over 1 year ago

As an example we will look at man 1 bwrap. Bubblewrap allows us to sandbox an application, not too dissimilar to docker. Flatpaks use bubblewrap as part of their sandbox. Bubblewrap can optionally take in a list of syscalls to filter. The filter is expressed as a BPF(Berkley Packet Filter program - remember when I said docker gives you a friendlier interface to seccomp?) program. Below is a short program... - Source: dev.to / 1 day ago

I have already been using bubblewrap[1] to isolate KeePassXC from the network and more (the only access it has is to its own private directory and the Wayland socket). I wouldn't recommend relying on devs or maintainers to do application isolation work for you. [1] <https://github.com/containers/bubblewrap>. - Source: Hacker News / 11 days ago

Recently, I came across Chainguard and wrote the article How to build Docker Images with Melange and Apko. As a fervent supporter of Kubernetes and GitLab CI, I was eager to experiment with building images using Melange in this particular setup. GitLab's shared Runners work seamlessly with Bubblewrap, eliminating the need for additional configurations. This post is intended for enthusiasts like myself, interested... - Source: dev.to / 5 months ago

``` This is basically manually invoking what Flatpak does: https://github.com/containers/bubblewrap This is also useful for more than just security. E.G., you can test how your app would behave on a fresh install by masking your user configuration files. I personally also have a tool that uses it to basically bundle all dependencies from an entire Linux... - Source: Hacker News / 9 months ago

To, say, override the KDE plugins while testing. This is useful for me since it's rather challenging during development to actually get KDE apps to reliably load my plugins on NixOS: I think kio slaves are probably wrapped and getting other environments injected into them. Rather than bother with any tricky hacks, Linux namespaces make it relatively easy to test regardless. Bubblewrap is used internally by Flatpak... - Source: Hacker News / 10 months ago