The makers of the open source Cuckoo Sandbox have just released a new version of their malware analysis tool. New capabilities in version 1.2 include behavior search, a network streams view, and comparative analysis. They have also added support for bare-metal and XenServer environments, an update to Volatility 2.4, and improvements to the Django-based web interface.
A number of new tools, forks, services and products emulating our efforts have been appearing, casting some shadows and doubts on the future of our project. Fear not, we are as committed as ever to producing one of the best free software resources for the malware research community.
We’re here to stay, and here’s the proof of that. Cuckoo Sandbox 1.2 is now available for download! Visit the Download page, get your copy, read the documentation, and fire it up.
This release’s changelog is one of the longest so far, and it includes numerous new features that have been requested by our users for a long time, including for example support for bare-metal and XenServer analysis, respectively contributed by MITRE and Adam Meily. In Cuckoo Sandbox 1.2 we are also supporting Volatility 2.4 and have improved the results generated by the integration of the two tools. We see in Cuckoo and Volatility two irreplaceable tools in a malware analyst’s arsenal, and we invite you all to research additional ways to enhance their integration.
Many improvements were made to the Django-based web interface, which has most certainly become the primary and most recommended way to consume the results of Cuckoo Sandbox analyses.