Open source Malwr analysis launched

By

Project backed by Shadowserver.

A free web-based malware analysis tool powered by Shadowsever has launched this week that aims to shake-up vendor-controlled and proprietary systems.

Open source Malwr analysis launched

The tool, dubbed Malwr, is designed to provide security professionals with a free and customisable open source malware analysis tool.

It is a front-end for the open source Cuckoo malware analysis sandbox and serves as an alternative for users who don't have the resources or time to operate a Cuckoo installation.

Claudio Guarnieri created Malwr because he found free malware analysis tools lacking and commercial sandboxes too expensive.

“A lot of companies run [malware analysis] and it's becoming a really profitable market, leaving no space for free initiatives,” Guarnieri said.

In the first 36 hours, Malwr received about 15,000 page views from 2000 unique visitors who submitted around 150 files. Some 22 percent of traffic was attack attempts.

While Malwr is running in a limited testing mode, Guarnieri said the Shadowserver resources underpinning the tool would allow it to scale to 10,000 analyses per day.

Shadowserver supported the project and supplied resources since both were free services designed to improve the state of security on the internet.

Shadowserver is a six-year old volunteer watchdog that tracks and reports the spread of malware, botnet and malicious activity on the internet.

Cuckoo eats ZeuS version 2.

The Cuckoo sandbox was developed in mid 2010 as a Honeynet Project for Google's Summer of Code, and re-commenced development for the 2011 Google initiative.

Development of Malwr started in September last year, but Guarnieri said he always planned to build a web front-end for Cuckoo.

“We would like also to get to a point where anyone running a Cuckoo node can link [their] own setup to our front-end, making it a full fledged crowd-distributed malware analysis network," Guarnieri said.

“It didn't take much of work to get it together – most of the efforts relies on trying to make Cuckoo a better product.”

Users will be able to refine Malwr by submitting code to Cuckoo.

Got a news tip for our journalists? Share it with us anonymously here.

Copyright © SC Magazine, Australia

Tags:
analysismalwaresandboxsecurityshadowserver

Sponsored Whitepapers

Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Modern Identity for SAP and Beyond: Replace SAP IDM with Saviynt
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Saviynt Simplifies GRC and Access Control for SAP and Beyond
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
Futureproof Your Business with Datacom and AMD: Seamless Windows 11 Transition
See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra

Events

Most Read Articles

Woolworths' CSO is Optus-bound

Woolworths' CSO is Optus-bound
Australia's super funds told to assess authentication controls

Australia's super funds told to assess authentication controls
Hackers abuse modified Salesforce app to steal data, extort companies

Hackers abuse modified Salesforce app to steal data, extort companies
The Northern Beaches Women's Shelter hones focus on tech-enabled abuse

The Northern Beaches Women's Shelter hones focus on tech-enabled abuse
techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?