Cuckoo Sandbox is a leading open source automated malware analysis system. This means that you can throw any suspicious file at it and, in a matter of seconds, Cuckoo will provide you with some detailed results outlining what said file did when executed inside an isolated environment.

Cuckoo Malware Analysis is a hands-on guide that will provide you with everything you need to know to use Cuckoo Sandbox with added tools like Volatility, Yara, Cuckooforcanari, Cuckoomx, Radare, and Bokken, which will help you to learn malware analysis in an easier and more efficient way.

Cuckoo Malware Analysis will cover basic theories in sandboxing, automating malware analysis, and how to prepare a safe environment lab for malware analysis. You will get acquainted with Cuckoo Sandbox architecture and learn how to install Cuckoo Sandbox, troubleshoot the problems after installation, submit malware samples, and also analyze PDF files, URLs, and binary files. This book also covers memory forensics – using the memory dump feature, additional memory forensics using Volatility, viewing result analyses using the Cuckoo analysis package, and analyzing APT attacks using Cuckoo Sandbox, Volatility, and Yara.

Finally, you will also learn how to screen Cuckoo Sandbox against VM detection and how to automate the scanning of e-mail attachments with Cuckoo.

Osoby które kupowały "Cuckoo Malware Analysis. Analyze malware using Cuckoo Sandbox", wybierały także:

• Windows Media Center. Domowe centrum rozrywki 66,67 zÅ‚, (8,00 zÅ‚ -88%)
• Ruby on Rails. Ćwiczenia 18,75 zÅ‚, (3,00 zÅ‚ -84%)
• DevOps w praktyce. Kurs video. Jenkins, Ansible, Terraform i Docker 190,00 zÅ‚, (39,90 zÅ‚ -79%)
• Przywództwo w Å›wiecie VUCA. Jak być skutecznym liderem w niepewnym Å›rodowisku 58,64 zÅ‚, (12,90 zÅ‚ -78%)
• Scrum. O zwinnym zarzÄ…dzaniu projektami. Wydanie II rozszerzone 58,64 zÅ‚, (12,90 zÅ‚ -78%)

Spis treści

Cuckoo Malware Analysis. Analyze malware using Cuckoo Sandbox eBook -- spis treści

• Cuckoo Malware Analysis
  • Table of Contents
  • Cuckoo Malware Analysis
  • Credits
  • About the Authors
  • Acknowledgement
  • About the Reviewers
  • www.PacktPub.com
    • Support files, eBooks, discount offers and more
      • Why Subscribe?
      • Free Access for Packt account holders
  • Preface
    • What this book covers
    • What you need for this book
    • Who this book is for
    • Conventions
    • Reader feedback
    • Customer support
      • Downloading the example code
      • Errata
      • Piracy
      • Questions
  • 1. Getting Started with Automated Malware Analysis using Cuckoo Sandbox
    • Malware analysis methodologies
    • Basic theory in Sandboxing
    • Malware analysis lab
    • Cuckoo Sandbox
    • Installing Cuckoo Sandbox
      • Hardware requirements
      • Preparing the host OS
      • Requirements
      • Install Python in Ubuntu
      • Setting up Cuckoo Sandbox in the Host OS
      • Preparing the Guest OS
        • Configuring the network
        • Setting up a shared folder between Host OS and Guest OS
      • Creating a user
      • Installing Cuckoo Sandbox
        • cuckoo.conf
        • <machinemanager>.conf
        • processing.conf
        • reporting.conf
    • Summary
  • 2. Using Cuckoo Sandbox to Analyze a Sample Malware
    • Starting Cuckoo
    • Submitting malware samples to Cuckoo Sandbox
    • Submitting a malware Word document
    • Submitting a malware PDF document aleppo_plan_cercs.pdf
    • Submitting a malware Excel document CVE-2011-0609_XLS-SWF-2011-03-08_crsenvironscan.xls
    • Submitting a malicious URL http://youtibe.com
    • Submitting a malicious URL http://ziti.cndesign.com/biaozi/fdc/page_07.htm
    • Submitting a binary file Sality.G.exe
    • Memory forensic using Cuckoo Sandbox using memory dump features
    • Additional memory forensic using Volatility
      • Using Volatility
    • Summary
  • 3. Analyzing the Output of Cuckoo Sandbox
    • The processing module
    • Analyzing an APT attack using Cuckoo Sandbox, Volatility, and Yara
    • Summary
  • 4. Reporting with Cuckoo Sandbox
    • Creating a built-in report in HTML format
    • Creating a MAEC Report
    • Exporting data report analysis from Cuckoo to another format
    • Summary
  • 5. Tips and Tricks for Cuckoo Sandbox
    • Hardening Cuckoo Sandbox against VM detection
    • Cuckooforcanari integrating Cuckoo Sandbox with the Maltego project
      • Installing Maltego
    • Automating e-mail attachments with Cuckoo MX
    • Summary
  • Index