trailofbits / Flying Sandbox Monster
Licence: mit
Sandboxed, Rust-based, Windows Defender Client
Stars: 158
Programming Languages
rust
Projects that are alternatives of or similar to Flying Sandbox Monster
MultiAV2
MultiAV scanner with Python and JSON REST API using Malice Docker AV Containers and Docker-Machine based Autoscaling
Stars: 30 (-81.01%)
Mutual labels: sandbox, antivirus
fake-sandbox
This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.
Stars: 110 (-30.38%)
Mutual labels: sandbox, antivirus
Saferwall
A hackable malware sandbox for the 21st Century
Stars: 419 (+165.19%)
Mutual labels: sandbox, antivirus
Js Interpreter
A sandboxed JavaScript interpreter in JavaScript.
Stars: 1,296 (+720.25%)
Mutual labels: sandbox
Docker Clamav
Multi-arch dockerized open source antivirus for use with file sharing containers, REST API or TCP.
Stars: 133 (-15.82%)
Mutual labels: antivirus
Huorong vulnerabilities
Huorong Internet Security vulnerabilities
Stars: 85 (-46.2%)
Mutual labels: antivirus
Pafish
Pafish is a testing tool that uses different techniques to detect virtual machines and malware analysis environments in the same way that malware families do
Stars: 2,026 (+1182.28%)
Mutual labels: sandbox
Ergo Pe Av
An artificial neural network and API to detect Windows malware, based on Ergo and LIEF.
Stars: 130 (-17.72%)
Mutual labels: antivirus
Veil Evasion
Veil Evasion is no longer supported, use Veil 3.0!
Stars: 1,678 (+962.03%)
Mutual labels: antivirus
Groovy Sandbox
(Deprecated) Compile-time transformer to run Groovy code in a restrictive sandbox
Stars: 104 (-34.18%)
Mutual labels: sandbox
Hrcloud2
A full-featured home hosted Cloud Drive, Personal Assistant, App Launcher, File Converter, Streamer, Share Tool & More!
Stars: 134 (-15.19%)
Mutual labels: antivirus
Clamav Devel
ClamAV Development - FAQ is here: https://github.com/Cisco-Talos/clamav-faq
Stars: 1,301 (+723.42%)
Mutual labels: antivirus
Ore Infinium
Ore Infinium, Open Source multiplayer Terraria-inspired Sci-fi game, focused on technology, devices and researching. Written in Kotlin (JVM), LibGDX. Cross platform
Stars: 139 (-12.03%)
Mutual labels: sandbox
Illacceptanything
The project where literally anything* goes.
Stars: 1,756 (+1011.39%)
Mutual labels: antivirus
Nativepayload reverse tcp
Meterpreter Encrypted Payload by C#
Stars: 130 (-17.72%)
Mutual labels: antivirus
Flying Sandbox Monster
A proof-of-concept application that sandboxes the Malware Protection engine in an AppContainer on Windows, written in Rust. Flying Sandbox Monster only supports 32-bit builds at this time. Note: there is some trickery performed to make things work since this is a proof-of-concept that interfaces with an undocumented DLL.
Development Setup
- Clone this repo:
git clone https://github.com/trailofbits/flying-sandbox-monster
- Add a new target:
rustup target add i686-pc-windows-msvc
- Build:
cargo build --target i686-pc-windows-msvc
- Run the unit tests:
cargo test --target i686-pc-windows-msvc
Manual Dependencies
Flying Sandbox Monster requires dependencies that cannot be automatically included.
- Download mpam-fe.exe (the 32-bit antimalware update file) to the support\ directory
- Extract mpam-fe.exe in support\ using cabextract or 7Zip.
- Once complete, check that support\mpengine.dll exists, among other files.
FAQ
cargo build complains that msvc targets depend on msvc linker but "link.exe" was not found
You need to install the Visual C++ 2015 Build Tools or newer.