Cuckoo 0.5 is out and the world didn't end
This one kind of slipped by unnoticed over the holidays, but Claudio & company released a new version of the Cuckoo sandbox and it has some nice new features. Some of the more significant ones to me are:
- full memory dumps of the virtual machines
- added packages for jar, java applet, and zip files
- support for Windows 7 (yippee!!!)
Add to that lots of other improvements and bug fixes (check them out at the link below) and I can't wait to play with it myself. This project is turning into a very nice flexible automated malware analysis tool. If any of our readers have had a chance to try out the new version and want to share their thoughts, please let us know in the comments or via the contact form. If I get a chance to do some serious playing with it before my next shift, I'll try to write up my experiences. In the meantime, kudos to Claudio & company, keep up the good work.
References:
http://cuckoosandbox.org/2012-12-20-to-the-end-of-the-world.html
---------------
Jim Clausing, GIAC GSE #26
jclausing --at-- isc [dot] sans (dot) edu