CAPEv2
ace-firefist
CAPEv2 | ace-firefist | |
---|---|---|
5 | 1 | |
1,674 | 16 | |
- | - | |
9.9 | 5.3 | |
2 days ago | about 1 year ago | |
Python | Python | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
CAPEv2
-
Does anyone installed cuckoo sandbox recently?
https://github.com/kevoreilly/CAPEv2 is a more "production ready" solution.
-
Looking for a good alternative to AppAnyRun
CAPEv2 CUCKOO Sandbox
- Since Cuckoo is not longer officially supported and the 3.0 project revival by Hatching seems dead what sandboxes that are standalone do you use?
-
mmm ITRG is stinky
Usually Windows Defender gets false positives and I ignore them, but for good measure, I decided to scan two of the .exe files that were a part of this torrent using VirusTotal. First one picked up nothing, second one also had no detections, however: "Matches rule EternalRomance by kevoreilly from ruleset EternalRomance at https://github.com/kevoreilly/CAPEv2"
- Dynamic Analysis Tools
ace-firefist
-
Initial acess simulation tests
To test initial access with file execution can try something like https://github.com/dobin/ace-firefist
What are some alternatives?
cuckoo3 - Cuckoo 3 is a Python 3 open source automated malware analysis system.
attack-stix-data - STIX data representing MITRE ATT&CK
cuckoo - Cuckoo Sandbox is an automated dynamic malware analysis system
drakvuf-sandbox - DRAKVUF Sandbox - automated hypervisor-level malware analysis system
yarGen - yarGen is a generator for YARA rules
Fegaria-Remastered - Similar to my other project Fegaria, but with improved graphics, collisions and terrain generation.
atomic-red-team - Small and highly portable detection tests based on MITRE's ATT&CK.
theZoo - A repository of LIVE malwares for your own joy and pleasure. theZoo is a project created to make the possibility of malware analysis open and available to the public.
pyWhat - 🐸 Identify anything. pyWhat easily lets you identify emails, IP addresses, and more. Feed it a .pcap file or some text and it'll tell you what it is! 🧙♀️
dumpulator - An easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).