SandboxAPI

Free

A minimal, consistent API for building integrations with malware sandboxes.

This library currently supports the following sandbox systems:

* Cuckoo Sandbox
* Falcon Sandbox (formerly VxStream)
* FireEye AX Series
* Hatching Triage
* Joe Sandbox
* MetaDefender Sandbox
* VMRay Analyzer
* WildFire Sandbox

It provides at least the following methods for each sandbox:

* is_available(): Check if the sandbox is operable and reachable; returns a boolean
* analyze(handle, filename): Submit a file for analysis; returns an item_id
* check(item_id): Check if analysis has completed for a file; returns a boolean
* report(item_id, report_format='json'): Retrieve the report for a submitted file
* score(report): Parse out and return an integer score from the report object

Some sandbox classes may have additional methods implemented. See inline documentation for more details.

Note that the value returned from the score method may be in the range 0-10 or 0-100, depending on the sandbox in question, so you should refer to the specific sandbox's documentation when interpreting this value.

ALTERNATIVES

Guide on emulating Raspberry Pi with QEMU and exploring Arm TrustZone research.

Command line tool for testing CRLF injection on a list of domains.

Automated Android Malware Analysis tool

dynStruct is a tool for monitoring memory accesses of an ELF binary and recovering structures of the original code.

Checksec is a bash script to check the properties of executables like PIE, RELRO, Canaries, ASLR, Fortify Source.

Collects Yara rules from over 150 free resources, a free alternative to Valhalla.

A Burp intruder extender for automating and validating XSS vulnerabilities

Debugger and .NET assembly editor with advanced debugging features.