Opensource Sandboxes

Hi there,

*Please let me know if this is not the correct Topic to post this.*

Can anyone help to provide opensource security sandboxes that is segregated from the network to use in opening malicious files or deep malware analysis?

Has virtualization/container functionality will be good to know.

Sample is: joesecurity .org

Please add other options so everyone can check and review. Gracias!

Find more posts tagged with

#sandbox

cloudsecurity

Comments

suitsonfire

https://cuckoosandbox.org/ - probably the most well know open source sandbox option. I had set this up as a VM about two years just to test it out and overall it was pretty nice.

I am doing a bit of research myself on other sandbox options out there. Not necessarily only open source but one that would be the best fit for the SOC I currently work at.
What sandbox options do other SOC's primarily use if you don't have full blown malware analyst's to dissect files? Thanks.

Severine

Sandboxing technique is used to execute or detonate a suspicious URL or code or file attached to email in an isolated test environment, and then observe what happens or observe how it behaves or observes the output.

JDMurray

Do you really need "Open Source" or do you just mean "free of charge?"

cyberguypr

I also read this as "free of charge". Are you looking for on-prem things were you have tons of control for analysis or just something that will spit out a report of findings ? Good starter list here: https://zeltser.com/automated-malware-analysis/