Public Web Interface to CWSandbox
Wednesday, September 20. 2006
Greetings from Hack In The Box 2006! I'm happy to announce that we have finally a public web interface to CWSandbox: just go to http://www.cwsandbox.org and submit a binary. A couple of minutes later, you should find an analysis in your e-mail inbox.
William Salusky over at ISC wrote:
"Malware analysts rejoice! A public submission interface for the CWSandox (NEW)
The public availability of a submission interface into the CWSandbox is finally at hand.
The CWSandbox has been a somewhat closely held tool in the professional security and AV researcher community for many months now. The CWSandbox results offer near immediate insight into the actions of malicious code execution on win32 based systems which in turn offers you, the affected party some quick intel on what might be happening on your network!
Please be kind and submit samples that you have vetted in some way as malicious. I'm sure this project would not be interested in receiving copies of your %SYSTEM% directory.
You can submit your malicious code samples via the sample web submission form at:
https://luigi.informatik.uni-mannheim.de/submit.php
CWSandbox results containing the sandbox/AV results are emailed to the submitter address.
This sandbox environment currently tracks malicious code variants against only three free/unnamed AV products at the moment. I'm confident that this project would be interested in hearing from commercial AV vendors willing to offer unix based solutions to further their detection effort.
Handler on duty
W"
Indeed, if AV vendors want to help us with some kind of AV engines, we are more than happy to hear from you :-) It is also possible to license CWSandbox if you want to use it at your site - for more information just contact thorsten [dot] holz [@] gmail [dot] com
William Salusky over at ISC wrote:
"Malware analysts rejoice! A public submission interface for the CWSandox (NEW)
The public availability of a submission interface into the CWSandbox is finally at hand.
The CWSandbox has been a somewhat closely held tool in the professional security and AV researcher community for many months now. The CWSandbox results offer near immediate insight into the actions of malicious code execution on win32 based systems which in turn offers you, the affected party some quick intel on what might be happening on your network!
Please be kind and submit samples that you have vetted in some way as malicious. I'm sure this project would not be interested in receiving copies of your %SYSTEM% directory.
You can submit your malicious code samples via the sample web submission form at:
https://luigi.informatik.uni-mannheim.de/submit.php
CWSandbox results containing the sandbox/AV results are emailed to the submitter address.
This sandbox environment currently tracks malicious code variants against only three free/unnamed AV products at the moment. I'm confident that this project would be interested in hearing from commercial AV vendors willing to offer unix based solutions to further their detection effort.
Handler on duty
W"
Indeed, if AV vendors want to help us with some kind of AV engines, we are more than happy to hear from you :-) It is also possible to license CWSandbox if you want to use it at your site - for more information just contact thorsten [dot] holz [@] gmail [dot] com
".
