Cuckoo Sandbox: Automated malware analysis

Cuckoo Sandbox is an open source automated malware analysis system. It started as a Google Summer of Code 2010 project with The Honeynet Project and evolved into being one of the most appreciated and popular open source sandbox solutions.

It’s goal is to provide a way to automatically analyze files and collect comprehensive results describing and outlining what such files do while executed inside an isolated environment.

It’s mostly used to analyze Windows executables, DLL files, PDF documents, Office documents, PHP scripts, Python scripts, Internet URLs and almost anything else you can imagine.

This video from Hack in The Box Amsterdam 2012 discusses open source sandboxing,the design and development of Cuckoo, regular usage as well as more advanced experiments, playing with APTs, exploits and banking Trojans.