Cuckoo Sandbox Reviews and details

Social recommendations and mentions

• How to analyze malicious PDF?

  You can detonate it into a VM running an instance of Cuckoo Sandbox. If you want to go the extra mile, you can dump the memory of said VM and analyse it with Volatility Framework. Also, if you want to quickly identify behavioural patterns in executable code, you can use Mandiant's CAPA tool (though idk if it works on .pdfs). Source: 12 months ago

• "PDF".exe pwns my user, but how exactly?

  You should save a copy of the .exe, copy it into a VM running Cuckoo and get a report on exactly what the .exe does. Without this automated dissection, people are making educated guesses. They're probably right, but why not be certain? There is an online version too - https://cuckoosandbox.org. Source: 12 months ago

• Exist a way, that can tell X file that I want to download not contain any malicious file?

  You could use a service like cuckoo to check links/files. Source: over 1 year ago

• Best practices for malware analysis and securing the environment you're testing in.

  I made my own lab in college using a series of VM's, A windows 10 machine that was packed with analysis tools, a kali listening machine (running inetsim or fakenet, I can't remember.) and I had remnux on another machine (which I ended up not really making use of, but it was there.) I used virtualbox and ran these VM's in an internal network, no internet access. Disabled all clipboard and file sharing after... Source: over 1 year ago

• Sandbox?

  Another option if you want to self-host is https://cuckoosandbox.org/ . Of note, it's currently an unmaintained project so issues may not receive support, but it is free. Source: over 1 year ago

• What kind of AV Scanner can check a large file?

  Probably just need to change how you process files that are being uploaded. Here are a few options that may help out for on-prem or cloud. - https://developers.virustotal.com/reference/overview - https://cuckoosandbox.org/ - https://aws.amazon.com/blogs/apn/integrating-amazon-s3-malware-scanning-into-your-application-workflow-with-cloud-storage-security/. Source: over 1 year ago

• Looking for privacy friendly Internet Security program. Is there any?

  If you really want an antivirus your best bet is https://cuckoosandbox.org/ I don't use it myself. Source: almost 2 years ago

• Best Sandbox Solution(s)?

  I think they are talking about malware analysis sandboxes. Good and free examples are cuckoo sandbox and flare vm. There are a lot of commercial ones too, joesandbox, Falcon Sandox, VMRay, etc. Source: almost 2 years ago

• I am trying to download Wondershare UniConverter and was wondering if it is normal for patches to have so many flags on virustotal? Btw this is from FTUApps.dev from the megathread.

  You can also use tools like Simplewall, Wireshark, Sandboxie /Cuckoo Sandbox, Process Explorer/Process Hacker to help you with this analyze and also to protect you system and data. Source: almost 2 years ago

• Which Linux distribution would you recommended for only using as quarantina?

  I think what you need it’s a sandbox. https://cuckoosandbox.org/ this is might what you want. Source: about 2 years ago

• How could I route network traffic from a FLARE VM through a REMnux VM using VirtualBox while also keeping my home network safe? What is FakeNet-NG, SOCKS, Squid, INetSim, and how do they relate?

  **local network settings on network adapter. +Fake net should be enough. +Use Wireshark while detonating the malware. +https://cuckoosandbox.org/. Source: about 2 years ago

• Is there something like this for proxmox?

  This is incredibly helpful when you use something like https://cuckoosandbox.org/ to detonate and analyze malware. Source: about 2 years ago

• Paranoia About Everything

  This can be a very deep rabbit hole to get yourself into so be careful and try not to let it consume your life, unless you want a career in this, use your time for more useful stuff that you value, you won't get it back and as long as you stick to trusted sources and follow the news if anything you use comes up you'll be fine. That being said, if you really want to get into it, this tool may be a useful starting... Source: about 2 years ago

• Tips for making malware lab for school project

  Cuckoo - great python project for creating a sandbox environment for testing malware. Some decent videos on YouTube for setting it up Https://cuckoosandbox.org/. Source: over 2 years ago

• Can arbitrary code be safely run in aws lambda?

  I've heard of people running malware on cuckoos. Source: over 2 years ago

• Cloud-Based Malware Sandbox

  Stuff like Joe Sandbox or any.run - or just something to explode your email attachments within? Run your own? Check https://cuckoosandbox.org/. Source: almost 3 years ago

• What can I do if I accidentally downloaded malware instead of the pirated software I wanted?

  This, also you can use https://cuckoosandbox.org/ to find out more information if it is malicious. Source: almost 3 years ago

• App Containerization

  And if you want to dig inside malware prevention and scanning, have a look on ReHIPS Cuckoo Sandbox. Source: about 3 years ago