Free Toolkits for Automating Malware Analysis

Automating some aspects of malware analysis is critical for organizations that process large numbers of malicious programs. Such automation allows analysts to focus on the tasks that require human insights. There are several free toolkits you can use as the starting point for building your own automated malware analysis lab. The focus of this post is on the tools you can install locally; I wrote about free web-based behavioral analysis services earlier.

Two feature-rich and highly customizable options are outlined below:

There are several other toolkits you may find useful for automating aspects of behavioral malware analysis:

  • Cuckoo by Claudio Guarnieri is an open-source toolkit you can install locally for analyzing malicious files.
  • Zero Wine by Joxean Koret is a full-featured tool for dynamically analyzing the behavior of Windows malware by running it within the WINE emulator on Linux.
  • Buster Sandbox Analyzer by Buster is a wrapper around the Sandboxie tool for Windows, which helps you examine the key actions of applications executed by Sandboxie in your lab.
  • Malheur by Konrad Rieck is a very promising tool for analyzing the volumes of data collected by behavioral sandboxes.
  • REMnux by yours truly is a lightweight Linux distribution for assisting malware analysts in reverse-engineering malicious software.

If you’re interested in building your own malware analysis toolkit manual behavioral review, take a look at the article I wrote earlier. You may also be interested in reading about the limitations of automated malware analysis.


About the Author

Lenny Zeltser develops products and programs that use security to achieve business results. He is the CISO at Axonius and Faculty Fellow at SANS Institute. Lenny has been leading efforts to establish resilient security practices and solve hard security problems for over two decades. A respected author and practitioner, he has been advancing tradecraft and contributing to the community. His insights build upon real-world experience, a Computer Science degree from the University of Pennsylvania, and an MBA degree from MIT Sloan.

Learn more