Cuckoo Sandbox is an automated dynamic malware analysis system
Latest commit f3fe898 by @jbremer: rewrite process memory dumping logic
The monitor now informs the Analyzer when a process is about to finish.
This allows the Analyzer to dump the process memory right before it
actually finishes and thus adds support for dumping memory of processes
that terminate before reaching the critical analysis timeout (if that
even occurs in the first place).

Furthermore the new dumping logic, which is now embedded in monitor's
inject.exe utility, also dumps metadata about the memory pages such as
their protection, size, etc. (And by separating the functionality into
a separate utility we now also support 32-bit vs 64-bit differences).

And last but not least we also support dumping processes multiple times
just in case this appears useful in the future.


In three words, Cuckoo Sandbox is a malware analysis system.

What does that mean? It simply means that you can throw any suspicious file at it and in a matter of seconds Cuckoo will give you back detailed results outlining what that file did when executed inside an isolated environment.

If you want to contribute to development, please read this and this first. Make sure you check our Issues and Pull Requests and that you join our IRC channel.

This is a development version; we do not recommend its use in production.

You can find the full documentation of the latest stable release here.

