« Previous 1 2 3
The Cuckoo sandboxing malware analysis tool
Cuckoo, Cuckoo
Conclusions
Cuckoo is a very powerful tool for analyzing malware. Thanks to the modular implementation, the software can be expanded very easily with your own modules and thus adapts ideally to suit your needs. If you want to take a look at the software before installing, pay a visit to the free malwr malware analysis service [9], which uses Cuckoo as the back end.
Infos
- IDA Pro: https://www.hex-rays.com/products/ida/
- FireEye: https://www.fireeye.com
- Cuckoo project site: https://cuckoosandbox.org
- Cuckoo wget module: https://github.com/aspel/cuckoo/commit/f4d7960ca28bd5b5e2ec356d18056cb07ac6a8f0
- Malware domain list: https://www.malwaredomainlist.com/mdl.php
- Installing a virtual machine using KVM/libvirt and virt-manager: http://www.virt-tools.org
- EICAR test file: http://www.eicar.org/86-0-Intended-use.html
- Cuckoo documentation: http://docs.cuckoosandbox.org/en/latest/
- Cuckoo online service: https://malwr.com
« Previous 1 2 3
Buy this article as PDF
Express-Checkout as PDF
Price $2.95
(incl. VAT)
(incl. VAT)
Buy ADMIN Magazine
TABLET & SMARTPHONE APPS
US / Canada
UK / Australia
Related content
-
Malware analysis in the sandbox
In malware analysis, a sandbox can provide insight into the software and its run-time environment. While a sandbox can prevent the execution of malicious code with built-in detection mechanisms, malware developers can use countermeasures to take advantage of those same detection mechanisms. -
Detecting and analyzing man-in-the-middle attacks
Wireshark and a combination of tools comprehensively analyze your security architecture. -
Secure Your KVM Virtual Machines
A common misconception posits that software cannot cause mischief if you lock the system away in a virtual machine, because even if an intruder compromises the web server on the virtual machine, it will only damage the guest. If you believe this, you are in for a heap of hurt. -
Data Compression as a CPU Benchmark
Data compression is a more realistic compute benchmark than number crunching. -
Controlling virtual machines with VNC and Spice
Administrators on Linux virtual machines tend to use VNC to transfer the graphical system to Virtual Machine Manager or a VNC client. One alternative is Spice: If the guest system is running the QXL driver, you can look forward to fast graphics and audio pass through.
Subscribe to our ADMIN Newsletters
Find SysAdmin Jobs
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Topics
12.04 LTS
16 cores
8 cores
AI
AMD
AMD-V
AMI
Active Directory
Administration
Amazon AWS
Amazon CloudFront
Amazon Machine Images
Anaconda
Analytics
Ansible
Apache
Apache Deltacloud
Apache benchmarking tool
ab
acceleration
acquisition
admin tools
agedu
alert
amazon
analysis
analysis
anticipatory
application performance