Network and Artifact Analysis

Analysis of Honeypots!

Below is a series of links to, and short descriptions of, tools that can be used to analyze data gathered from honeypots.

Dorothy2 – (M4rco. (2017) m4rco-/dorothy2: A malware/botnet analysis framework written in Ruby. Retrieved May 2, 2017, from https://github.com/m4rco-/dorothy2)

Imalse – (Jingcwang. (2021) jingcwang/imalse: Integrated MALware Simulator and Emulator. Retrieved June 23, 2021, from https://github.com/jingcwang/imalse)

Cuckoo Sandbox – (Guarnieri, Claudio. (2017) Automated Malware Analysis – Cuckoo Sandbox. Retrieved May 2, 2017, from https://cuckoosandbox.org/)

Detux Sandbox – “Detux is a sandbox developed to do traffic analysis of the Linux malware and capture the IOC’s by doing so” (DetuxSandbox. (2021) The Multiplatform Linux Sandbox. Retrieved June 23, 2021, from https://github.com/detuxsandbox/detux)

VirusTotal – (VirusTotal. (2017) Free Online Virus, Malware and URL Scanner. Retrieved May 2, 2017, from https://www.virustotal.com/)

Hybrid Analysis – (‘Js. (2017) Free Automated Malware Analysis Service – powered by VxStream Sandbox. Retrieved May 2, 2017, from https://www.hybrid-analysis.com/)