Cuckoo Sandbox - Automated Malware Analysisby Claudio Guarnieri via Hack In The Box Security Conference

Cuckoo Sandbox is an open source automated malware analysis system. It started as a Google Summer of Code 2010 project with The Honeynet Project and evolved into being one of the most appreciated and popular open source sandbox solutions.

It’s goal is to provide a way to automatically analyze files and collect comprehensive results describing and outlining what such files do while executed inside an isolated environment. It’s mostly used to analyze Windows executables, DLL files, PDF documents, Office documents, PHP scripts, Python scripts, Internet URLs and almost anything else you can imagine. In this presentation we’ll discuss about open source sandboxing, we’ll dive into the design and development of Cuckoo and we’ll kick off from regular usage and move into more juicy experiments, playing with APTs, exploits and banking trojans of every flavor.

Published 14 March 2015