Bubblewrap VS Cuckoo Sandbox

Recently, I came across Chainguard and wrote the article How to build Docker Images with Melange and Apko. As a fervent supporter of Kubernetes and GitLab CI, I was eager to experiment with building images using Melange in this particular setup. GitLab's shared Runners work seamlessly with Bubblewrap, eliminating the need for additional configurations. This post is intended for enthusiasts like myself, interested... - Source: dev.to / 4 months ago

``` This is basically manually invoking what Flatpak does: https://github.com/containers/bubblewrap This is also useful for more than just security. E.G., you can test how your app would behave on a fresh install by masking your user configuration files. I personally also have a tool that uses it to basically bundle all dependencies from an entire Linux... - Source: Hacker News / 8 months ago

To, say, override the KDE plugins while testing. This is useful for me since it's rather challenging during development to actually get KDE apps to reliably load my plugins on NixOS: I think kio slaves are probably wrapped and getting other environments injected into them. Rather than bother with any tricky hacks, Linux namespaces make it relatively easy to test regardless. Bubblewrap is used internally by Flatpak... - Source: Hacker News / 10 months ago

After some research I had nailed down that I would have to use either bubblewrap, PWABuilder or Capacitor. Since all those worked with Progressive Web Apps, I set out to start with building a PWA. - Source: dev.to / 11 months ago

Well, they run inside https://github.com/containers/bubblewrap which is a sandbox system. In Flatpak you can override any "hole" that might be the default. Source: 12 months ago

You can detonate it into a VM running an instance of Cuckoo Sandbox. If you want to go the extra mile, you can dump the memory of said VM and analyse it with Volatility Framework. Also, if you want to quickly identify behavioural patterns in executable code, you can use Mandiant's CAPA tool (though idk if it works on .pdfs). Source: 12 months ago

You should save a copy of the .exe, copy it into a VM running Cuckoo and get a report on exactly what the .exe does. Without this automated dissection, people are making educated guesses. They're probably right, but why not be certain? There is an online version too - https://cuckoosandbox.org. Source: about 1 year ago

You could use a service like cuckoo to check links/files. Source: over 1 year ago

I made my own lab in college using a series of VM's, A windows 10 machine that was packed with analysis tools, a kali listening machine (running inetsim or fakenet, I can't remember.) and I had remnux on another machine (which I ended up not really making use of, but it was there.) I used virtualbox and ran these VM's in an internal network, no internet access. Disabled all clipboard and file sharing after... Source: over 1 year ago

Another option if you want to self-host is https://cuckoosandbox.org/ . Of note, it's currently an unmaintained project so issues may not receive support, but it is free. Source: over 1 year ago