SandboxAPI


#Security Testing#Malware Analysis

A collection of reverse engineering challenges covering a wide range of topics and difficulty levels.


A Simple and Consistent API for Integration with Malware Sandboxes

A simple and consistent API designed for creating integrations with malware sandboxes.

This library currently supports the following sandbox systems:

* Cuckoo Sandbox
* Falcon Sandbox (formerly known as VxStream)
* FireEye AX Series
* Hatching Triage
* Joe Sandbox
* MetaDefender Sandbox
* VMRay Analyzer
* WildFire Sandbox

It provides at least the following methods for each sandbox:

* is_available(): This method checks if the sandbox is functional and accessible, returning a boolean value.
* analyze(handle, filename): Use this method to submit a file for analysis; it returns an item_id.
* check(item_id): This method checks whether the analysis for a file has been completed; it returns a boolean value.
* report(item_id, report_format='json'): Retrieve the report for a submitted file using this method.
* score(report): This method extracts and returns an integer score from the report object.

Some sandbox classes may have additional methods available. For more details, refer to the inline documentation.

Please note that the score returned by the score method may fall within the range of 0-10 or 0-100, depending on the specific sandbox. Therefore, it is important to consult the documentation for that particular sandbox when interpreting this score.
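The submit, poll, report and score sequence described above, with the score normalized to 0-100 so verdicts from different sandboxes compare on one scale. This is an added example, not code from the SandboxAPI project: `FakeSandbox`, `detonate` and `score_max` are hypothetical names, and `FakeSandbox` is a constructed stand-in that exposes only the five listed methods so the flow runs offline.

```python
import time


class FakeSandbox:
    """Constructed stand-in with the five listed methods; not a real backend."""

    def __init__(self, polls_until_done=2, raw_score=7):
        self._polls_left = polls_until_done
        self._raw_score = raw_score

    def is_available(self):
        return True

    def analyze(self, handle, filename):
        handle.read()        # a real backend would upload these bytes
        return "item-1"      # constructed item_id

    def check(self, item_id):
        self._polls_left -= 1
        return self._polls_left <= 0

    def report(self, item_id, report_format="json"):
        return {"score": self._raw_score}   # constructed report shape

    def score(self, report):
        return report["score"]


def detonate(sandbox, handle, filename, score_max, timeout=600.0, interval=5.0):
    """Submit a file, poll until done or timeout, return a 0-100 normalized score.

    score_max (assumption: supplied by the caller) is 10 or 100, taken from the
    documentation of the sandbox in use, since the scale differs per backend.
    """
    if score_max not in (10, 100):
        raise ValueError("score_max must be 10 or 100")
    if not sandbox.is_available():
        raise RuntimeError("sandbox unavailable")
    item_id = sandbox.analyze(handle, filename)
    deadline = time.monotonic() + timeout
    while not sandbox.check(item_id):
        if time.monotonic() >= deadline:
            raise TimeoutError(f"analysis {item_id} did not finish in {timeout}s")
        time.sleep(interval)
    raw = sandbox.score(sandbox.report(item_id))
    if not 0 <= raw <= score_max:    # catches a wrong scale assumption early
        raise ValueError(f"score {raw} outside 0-{score_max}")
    return {"item_id": item_id, "raw": raw, "normalized": raw * 100 // score_max}
```

In a real integration the first argument would be an instance of one of the library's sandbox classes rather than `FakeSandbox`.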