rio/malware-aquarium

Malware-Aquarium

Looking for the research paper? You can find it here!

Description

A malware aquarium is a bounded space for malware to live its life, possibly indefinitely, without escaping its boundaries, while the environment still allows its observation. Translating this into computer systems, in the context of this research, the malware aquarium is a fully reachable network with interconnected machines that have extensible and controllable visibility paths. From the malware's perspective, it is living in an actual network with multiple machines allowing it to propagate and possibly coexist with other malware strains within the same systems.

This project implements a proof of concept of this idea by integrating multiple requirements from sandbox technologies and secure architecture, accompanied by an analysis of Trojan and worm TTPs. The project itself is still in early development; however, it was tested with two pieces of malware, TrickBot and HermeticWizard. The results from those deployments were compared with two reports from free online sandboxes, Joe Sandbox and Triage. In both cases the malware aquarium revealed more insightful details or the entire infection process.

Disclaimer

The following terms apply to this project:

  • The project was created for the purpose of analysing malware; however, we do not guarantee the safety of the system for every malware.
  • The isolation around the malware aquarium is the responsibility of the user, who assumes the risk of using it as well.
  • Any misuse of this system is not the responsibility of the contributors.
  • Any use of this project must recognise and attribute the creators (Rio Kierkels & Rares Bratean).
  • We disagree with and disallow the use of this project for financial or commercial purposes. Therefore, any integration and development of these tools should be open to the public.
  • We are not responsible if a user breaches any licensing within the open source or free tools within this version of the project.
  • We allow modification, development, and closed- and open-source utilization of this project.

Note

This project still requires cleanup and a tutorial on how to install and use the malware aquarium. Hence, it is not at its final version yet. We will update this project as soon as possible.
