Cuckoo sandbox - PSJoshi/Notes GitHub Wiki

• Virtualbox, VirtualMachine, Cuckoo, Anubis, ThreatExpert, Sandboxie, QEMU, Analysis Tools Detection Tools - https://github.com/AlicanAkyol/sems

• Installation of cuckoo from scratch - https://anupriti.blogspot.com/2015/09/cuckoo-sandboxautomatic-malware.html

• Introduction to Cuckoo ML - https://www.honeynet.org/node/1325

• Malware analysis using cuckoo and Malheur - https://blog.malwarebytes.com/threat-analysis/2015/08/automatic-analysis-using-malheur-and-cuckoo/

• Malware analysis virtual machine - https://oalabs.openanalysis.net/2018/07/16/oalabs_malware_analysis_virtual_machine/

• DFI blacklisting using cuckoo - http://dfi-docs.readthedocs.io/en/latest/index.html

• https://rastamouse.me/2017/05/playing-with-cuckoo/

• https://ensurtec.com/cuckoo-sandbox-setup-tutorial/

• https://www.trustedsec.com/2018/05/malware-cuckoo-2/

• https://blog.nviso.be/2018/04/12/painless-cuckoo-sandbox-installation/

• https://7ms.us/7ms-311-how-to-build-a-cuckoo-sandbox/

• Automating malware analysis using cuckoo - http://ly0n.me/2018/04/25/automating-malware-analysis-cuckoo-api-postfix/

• Cuckoo sandbox notes - https://eugenekolo.com/blog/cuckoo-sandbox-notes/

• Multiscanner from MITRE - https://media.readthedocs.org/pdf/multiscannerdocs

• Containerizing your Security operations center - https://www.slideshare.net/JimmyMesta/containerizing-your-security-operations-center-67311960

• Machine learning for cuckoo sandbox - https://www2.honeynet.org/2016/08/26/introduction-to-cuckooml-machine-learning-for-cuckoo-sandbox/

• Deployment of malware sandbox - https://www.sans.org/reading-room/whitepapers/incident/deployment-flexible-malware-sandbox-environment-open-source-software-36207

• Setting up Cuckoo sandbox - https://tom-churchill.blogspot.com/2017/08/setting-up-cuckoo-sandbox-step-by-step.html

• Virtualbox hardening - https://byte-atlas.blogspot.com/2017/02/hardening-vbox-win7x64.html

• Cuckoo detailed installation blog - https://infosecspeakeasy.org/t/howto-build-a-cuckoo-sandbox/27

• Cuckoo reddit thread - https://www.reddit.com/r/Malware/comments/5u0iyb/how_do_i_setup_cuckoo/

• VM-clock scaling cuckoo - http://jbremer.org/vmcloak3/

• MITRE Multi-scanner distributed file analysis framework - https://github.com/mitre/multiscanner

• Setting up malware sandbox environment - https://www.sans.org/reading-room/whitepapers/incident/deployment-flexible-malware-sandbox-environment-open-source-software-36207

• Comparison of linux malware sandboxes limon,remux,cuckoo - https://aut.researchgateway.ac.nz/bitstream/handle/10292/11842/OlowoyeyeO.pdf

• Cuckoo community rules - https://github.com/cuckoosandbox/community/archive/master.tar.gz

• Cuckoo installation - https://infrasecsolutions.com/cuckoo-for-malware-analysis/

• Cuckoo auto install script - https://github.com/NVISO-BE/SEC599/blob/master/cuckoo-install.sh

• ENISA malware analysis environment note - https://www.enisa.europa.eu/topics/trainings-for-cybersecurity-specialists/online-training-material/documents/building-artifact-handling-and-analysis-environment-toolset

• https://7ms.us/7ms-311-how-to-build-a-cuckoo-sandbox/

• http://sudokom.web.id/build-malware-analysis-sandbox-using-cuckoo/

• https://resources.infosecinstitute.com/portable-malware-lab-for-beginners/#gref

• http://developers-club.com/posts/234467/

Papers

• VMI based dynamic malware analysis in cloud - https://hal.archives-ouvertes.fr/hal-01316519/document
• Cuckoo based Malware threat intelligence - https://www.scpe.org/index.php/scpe/article/download/1300/509
• Modelling malware driven hoenypots - https://www.nics.uma.es/pub/papers/1656.pdf
• Network containment issues in malware analysis - http://www.syssec-project.eu/m/page-media/3/graziano-acsac12.pdf
• Malware collection and analysis using hardware virtualization - https://opencommons.uconn.edu/cgi/viewcontent.cgi

Articles

• Automating suspicious email link analysis - https://www.linkedin.com/pulse/automating-suspicious-email-analysis-karthikganesan-i
• Sandbox comparison - https://marcoramilli.blogspot.com/2015/10/sandboxes-personal-evaluations.html

Git repositories

• Cuckoo modified - https://github.com/brad-accuvant/cuckoo-modified
• Phoenix - https://github.com/SparkITSolutions/phoenix
• Cuckoo report parser - https://github.com/Hullgj/report-parser
• Cuckoo based malware classification using ML - https://github.com/katerynaCh/Malware-Classification-with-ML
• Malware class labelling tool - https://github.com/malicialab/avclass

Presentations

• Implementing automated incident response - https://www.rsaconference.com/writable/presentations/file_upload/anf-t10_implementing-an-automated-incident-response-architecture.pdf
• Comparison of Cuckoo, process monitor and noriben sandbox - http://www.tp1rc.edu.tw/tpnet2017/training/10612.pdf
• How do I Sandbox: presentation - https://recon.cx/2013/slides/recon2013-Jurriaan%20Bremer-Haow%20do%20I%20sandbox.pdf