14 matches found
MalConfScan - Volatility Plugin For Extracts Configuration Data Of Known Malware
MalConfScan is a Volatility plugin that extracts configuration data of known malware. Volatility is an open-source memory forensics framework for incident response and malware analysis. This tool searches for malware in memory images and dumps its configuration data. In addition, this tool has a function ...
UPDATE: Cuckoo Sandbox 2.0.7
PenTestIT RSS Feed It has been some time since I posted about the Cuckoo Sandbox. The good news is that the guys at the Cuckoo Foundation are not silent and have released Cuckoo Sandbox 2.0.7, with lots of improvements, code cleanup, support for VirtualBox 6 and the well-deserved support for the...
VirusTotal launches 'Droidy' sandbox to detect malicious Android apps
One of the biggest and most popular multi-antivirus scanning engine services has today launched a new Android sandbox service, dubbed VirusTotal Droidy, to help security researchers detect malicious apps based on behavioral analysis. VirusTotal, owned by Google, is a free online service that allow...
UPDATE: Cuckoo Sandbox 2.0.4
PenTestIT RSS Feed My previous post was about this open-source malware analysis automation framework, Cuckoo Sandbox 2.0.0. This post, however, is about an update made to the framework. We now have Cuckoo Sandbox 2.0.4, which includes a number of important improvements simplifying and improving yo...
Automated Android Malware Analysis: CuckooDroid
CuckooDroid is an extension of Cuckoo Sandbox, the open-source software for automating analysis of suspicious files. CuckooDroid brings to Cuckoo the capability to execute and analyze Android applications. CuckooDroid is an automated, cross-platform, emulation and analysis framework based on...
CuckooDroid - Automated Android Malware Analysis with Cuckoo Sandbox
CuckooDroid is an extension of Cuckoo Sandbox, the open-source software for automating analysis of suspicious files. CuckooDroid brings to Cuckoo the capability to execute and analyze Android applications. Installation - Easy integration script: git config --global user.email...
Cuckoo Sandbox Guest 2.0.1 Code Execution
# -*- coding: utf8 -*- """ Exploit Title: Cuckoo Sandbox Guest XMLRPC Privileged RCE PoC Date: June 28th 2016 Exploit Author: Rémi ROCHER Vendor Homepage: https://cuckoosandbox.org/ Software Link: https://github.com/cuckoosandbox/cuckoo/archive/master.zip Version: = 2.0.1 Tested on: MS Windows 7, MS...
Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution
Exploit for the Windows platform in category local exploits # -*- coding: utf8 -*- """ Exploit Title: Cuckoo Sandbox Guest XMLRPC Privileged RCE PoC Date: June 28th 2016 Exploit Author: Rémi ROCHER Vendor Homepage: https://cuckoosandbox.org/ Software Link:...
Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution
# -*- coding: utf8 -*- """ Exploit Title: Cuckoo Sandbox Guest XMLRPC Privileged RCE PoC Date: June 28th 2016 Exploit Author: Rémi ROCHER Vendor Homepage: https://cuckoosandbox.org/ Software Link:...
Cuckoo Sandbox Guest 2.0.1 - XMLRPC Privileged Remote Code Execution
# -*- coding: utf8 -*- """ Exploit Title: Cuckoo Sandbox Guest XMLRPC Privileged RCE PoC Date: June 28th 2016 Exploit Author: Rémi ROCHER Vendor Homepage: https://cuckoosandbox.org/ Software Link: https://github.com/cuckoosandbox/cuckoo/archive/master.zip Version: = 2.0.1 Tested on: MS Windows 7, MS...
AntiCuckoo - A Tool to Detect and Crash Cuckoo Sandbox
A tool to detect and crash Cuckoo Sandbox. Tested on the official Cuckoo Sandbox and Accuvant's Cuckoo version. Features. Detection: Cuckoo hooks detection (all kinds of Cuckoo hooks); suspicious data in its own memory, found without APIs by page-per-page scanning. Crash: execute with arguments outside a sandbox; these...
CuckooAutoInstall - Auto Installer Script for Cuckoo Sandbox
What is Cuckoo Sandbox? In three words, Cuckoo Sandbox is a malware analysis system. What does that mean? It simply means that you can throw any suspicious file at it and, in a matter of seconds, Cuckoo will provide you with detailed results outlining what that file did when executed inside an...
Malware Evasion Techniques Dissected at Black Hat
Malware ingenuity isn’t limited to its functionality or its ability to propagate. Sometimes malicious code has to have guile to survive. That means for the most part having an innate understanding of when it’s being analyzed by a security expert. Numerous samples from different malware families...
[Malwasm] Offline debugger for malware's reverse engineering
Malwasm is a tool based on Cuckoo Sandbox, available here. Malwasm was designed to help people who do reverse engineering. Malwasm step by step: the malware to analyse is executed through Cuckoo Sandbox; during the execution, Malwasm logs all activities of the malware with Pintool; all activities ar...