SandboxAPI Logo

SandboxAPI

0
Free
Visit Website

A minimal, consistent API for building integrations with malware sandboxes. This library currently supports the following sandbox systems: * Cuckoo Sandbox * Falcon Sandbox (Formerly VxStream) * FireEye AX Series * Hatching Triage * Joe Sandbox * MetaDefender Sandbox * VMRay Analyzer * WildFire Sandbox It provides at least the following methods for each sandbox: * is_available(): Check if the sandbox is operable and reachable; returns a boolean * analyze(handle, filename): Submit a file for analysis; returns an item_id * check(item_id): Check if analysis has completed for a file; returns a boolean * report(item_id, report_format='json'): Retrieve the report for a submitted file * score(report): Parse out and return an integer score from the report object Some sandbox classes may have additional methods implemented. See inline documentation for more details. Note that the value returned from the score method may be on the range 0-10, or 0-100, depending on the sandbox in question, so you should refer to the specific sandbox's documentation when interpreting this value.

FEATURES

ALTERNATIVES

A PE/COFF file viewer that displays header, section, directory, import table, export table, and resource information within various file types.

Automatic analysis of malware behavior using machine learning.

Bindings for the Yara library from VirusTotal with support for Yara v4.2 and various features like rule compilation and scanning.

Binary Ninja is an interactive decompiler, disassembler, debugger, and binary analysis platform with a focus on automation and a clean GUI.

A developer added malicious code to a popular open-source package, wiping files on computers in Russia and Belarus as a protest.

A PowerShell module for interacting with VirusTotal to analyze suspicious files and URLs.

Automate the exploitation of XXE vulnerabilities

A portable version of XSSHunter.com for finding and exploiting Cross-Site Scripting (XSS) vulnerabilities.

PINNED