Free Toolkits for Automating Malware ...

Free Toolkits for Automating Malware Analysis


Automating some aspects of malware analysis is critical for organizations that process large numbers of malicious programs. Such automation allows analysts to focus on the tasks that require human insights. There are several free toolkits you can use as the starting point for building your own automated malware analysis lab. The focus of this post is on the tools you can install locally; I wrote about free web-based behavioral analysis services earlier.
Two feature-rich and highly customizable options are outlined below:


There are several other toolkits you may find useful for automating aspects of behavioral malware analysis:
  • Zero Wine by Joxean Koret is a full-featured tool for dynamically analyzing the behavior of Windows malware by running it within the WINE emulator on Linux.
  • Buster Sandbox Analyzer by Buster is a wrapper around the Sandboxie tool for Windows, which helps you examine the key actions of applications executed by Sandboxie in your lab.
  • Malheur by Konrad Rieck is a very promising tool for analyzing the volumes of data collected by behavioral sandboxes.
  • REMnux by yours truly is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software.


If you’re interested in building your own malware analysis toolkit manual behavioral review, take a look at the article I wrote earlier. You may also be interested in reading about the limitations of automated malware analysis.
Lenny Zeltser



轉自 http://blog.zeltser.com/post/1284687696/malware-analysis-tool-frameworks

0 意見: