Based on our record, Wazuh should be more popular than Cuckoo Sandbox. It has been mentiond 49 times since March 2021. We are tracking product recommendations and mentions on various public social media platforms and blogs. They can help you identify which product is more popular and what people think of it.
You can detonate it into a VM running an instance of Cuckoo Sandbox. If you want to go the extra mile, you can dump the memory of said VM and analyse it with Volatility Framework. Also, if you want to quickly identify behavioural patterns in executable code, you can use Mandiant's CAPA tool (though idk if it works on .pdfs). Source: 12 months ago
You should save a copy of the .exe, copy it into a VM running Cuckoo and get a report on exactly what the .exe does. Without this automated dissection, people are making educated guesses. They're probably right, but why not be certain? There is an online version too - https://cuckoosandbox.org. Source: 12 months ago
You could use a service like cuckoo to check links/files. Source: over 1 year ago
I made my own lab in college using a series of VM's, A windows 10 machine that was packed with analysis tools, a kali listening machine (running inetsim or fakenet, I can't remember.) and I had remnux on another machine (which I ended up not really making use of, but it was there.) I used virtualbox and ran these VM's in an internal network, no internet access. Disabled all clipboard and file sharing after... Source: over 1 year ago
Another option if you want to self-host is https://cuckoosandbox.org/ . Of note, it's currently an unmaintained project so issues may not receive support, but it is free. Source: over 1 year ago
I use Wazuh instead. Greenbone CE is severely limited and requires payment for anything beyond the very basic. Super simple installation more features. Source: 5 months ago
Monitoring & Active Measures - Exporting firewall events to an external time-series database like I describe above is good to see who is touching your firewall or accessing your web site. Using an Intrusion Detection System / Intrusion Prevention System (IDS/IPS) such as open-source Suricata, which is a free package on pfSense, and deploying file system integrity monitoring, such as the open-source Wazuh on the... Source: 6 months ago
Wazuh: An open source security monitoring platform that integrates with popular tools like Elasticsearch and Kibana to provide comprehensive security event analysis and response capabilities. - Source: dev.to / 12 months ago
On another note, as mentioned in my response to the question of this post, we are working on a complete rework of the Vulnerability Detection engine. This rework will provide a sanitized CVEs feed from wazuh.com and a completely new scanner engine. It will also include a new UI for global queries. Source: 12 months ago
Nessus essentials (https://www.tenable.com/products/nessus/nessus-essentials) might do the trick. It can help to check what kind of services you are running are vulnerable to exploits. Also, the general recommendation here would be not to use default ports for all the services you are exposing. Also, you can check something like Wazuh - https://wazuh.com/. Source: 12 months ago
Any.Run - Interactive malware hunting service. Any environments ready for live testing most type of threats.
Zabbix - Track, record, alert and visualize performance and availability of IT resources
Sandboxie - Sandboxie is a program for Windows that is designed to allow the user to isolate individual programs on the hard drive.
Fortinet FortiAnalyzer - Fortinet FortiAnalyzer is a powerful product for Security Fabric Analytics and Automation.
VirusTotal - VirusTotal is a free service that analyzes suspicious files and URLs and facilitates the quick...
Beats - Beats is the platform for single-purpose data shippers that is installed as lightweight agents and send data to machines to Logstash or Elasticsearch.