woodpile27/SaltwaterRoom

SaltwaterRoom

SaltwaterRoom is a simple sandbox based on Docker. It supports the x86_64, MIPS, and ARM file formats and can identify mining, worm, and DDoS behavior in malware.

Getting Started

Prerequisites

  • Linux system (tested on Ubuntu 16.04)
  • Python 2.7
  • Docker and some images
    docker pull ubuntu:latest
    docker pull npmccallum/debian-mips:jessie
    docker pull ioft/armhf-ubuntu:latest
  • qemu-user
    apt-get update && apt-get install -y --no-install-recommends qemu-user-static binfmt-support
    update-binfmts --enable qemu-arm
    update-binfmts --display qemu-arm
    update-binfmts --enable qemu-mips
    update-binfmts --display qemu-mips
    sudo chmod a+x /usr/bin/qemu-*
  • Python requirements
    pip install -r requirements

Running

Help information

python saltwaterroom.py -h

Example

python saltwaterroom.py juno

The default monitoring time is 30 minutes. You can press Ctrl-C to stop at any time; the program will automatically delete the container.
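Before submitting a sample, it helps to confirm that it is one of the supported formats. The following is an added example, not SaltwaterRoom's own code: it reads the ELF header and maps the architecture to the images listed under Prerequisites. The image-to-architecture mapping and the byte-order checks are assumptions inferred from the image names and the qemu-arm and qemu-mips handlers enabled above; pick_image and make_header are hypothetical names.

```python
import struct

# e_machine constants from the ELF specification
EM_386, EM_MIPS, EM_ARM, EM_X86_64 = 3, 8, 40, 62

# (e_machine, EI_CLASS, byte order) -> (arch, image). Assumed mapping: images
# are those listed under Prerequisites; word size and byte order follow the
# qemu-arm (32-bit LE) and qemu-mips (32-bit BE) handlers enabled there.
SUPPORTED = {
    (EM_X86_64, 2, "<"): ("x86_64", "ubuntu:latest"),
    (EM_MIPS, 1, ">"): ("mips", "npmccallum/debian-mips:jessie"),
    (EM_ARM, 1, "<"): ("arm", "ioft/armhf-ubuntu:latest"),
}


def pick_image(header):
    """Map the first bytes of a sample to (arch, image); raise ValueError if unsupported."""
    if len(header) < 20 or header[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    ei_class, ei_data = struct.unpack_from("BB", header, 4)
    order = {1: "<", 2: ">"}.get(ei_data)
    if order is None:
        raise ValueError("invalid EI_DATA byte: %d" % ei_data)
    # e_type (offset 16) and e_machine (offset 18) use the file's byte order
    _e_type, e_machine = struct.unpack_from(order + "HH", header, 16)
    try:
        return SUPPORTED[(e_machine, ei_class, order)]
    except KeyError:
        raise ValueError("unsupported ELF: machine=%d class=%d order=%s"
                         % (e_machine, ei_class, order))


def make_header(ei_class, ei_data, e_machine):
    """Build a constructed 20-byte ELF header prefix for the demo below."""
    order = "<" if ei_data == 1 else ">"
    ident = b"\x7fELF" + struct.pack("BBB", ei_class, ei_data, 1) + b"\x00" * 9
    return ident + struct.pack(order + "HH", 2, e_machine)


if __name__ == "__main__":
    # Constructed headers, not real samples
    for args in [(2, 1, EM_X86_64), (1, 2, EM_MIPS), (1, 1, EM_ARM), (1, 1, EM_386)]:
        try:
            print(pick_image(make_header(*args)))
        except ValueError as err:
            print("rejected: %s" % err)
```

For a file on disk, pass the first 20 bytes read in binary mode. A little-endian MIPS or 32-bit x86 sample is rejected here because no matching handler or image appears in the setup above.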

TodoList

  • support for x86
  • add data storage
  • optimize monitoring performance
