Free Automated Malware Analysis Sandboxes and Services

In the malware analysis course I teach at SANS Institute, I explain how to reverse-engineer malicious software in your own lab. It’s a useful skill for incident responders and security practitioners; however, analyzing all software in this manner is impractical without some automated assistance. Malware analysis sandboxes save time and help with triage. They provide an overview of the specimen’s capabilities, so that analysts can decide where to focus their follow-up efforts:

If you know of another reliable and free service I didn’t list, please let me know. My other lists of on-line security resources outline Blocklists of Suspected Malicious IPs and URLs and On-Line Tools for Malicious Website Lookups.


About the Author

Lenny Zeltser develops teams, products, and programs that use information security to achieve business results. Over the past two decades, Lenny has been leading efforts to establish resilient security practices and solve hard security problems. As a respected author and speaker, he has been advancing cybersecurity tradecraft and contributing to the community. His insights build upon 20 years of real-world experiences, a Computer Science degree from the University of Pennsylvania, and an MBA degree from MIT Sloan.

Learn more