💣 Boxed Windows 11 malware detonation lab - Vagrant + Hyper-V powered, with Detonator, Fibratus (ETW), Rustinel (Sigma/YARA/IOC), LitterBox and a unified Web UI for automated sample analysis
Updated Jun 14, 2026 - JavaScript
A Python-based malware analysis sandbox that uses isolated VirtualBox VMs to simulate system activity, collect logs, and detect suspicious behavior through heuristic analysis and visualization.
Fake internet simulator for malware analysis — DNS/HTTP/HTTPS/SMTP/FTP catch-all with GUI
A lightweight Telegram bot that monitors tria.ge for new malware submissions, extracts family, C2, and config data, and delivers structured reports with safely encoded samples to individuals or group topics.
OmniSec is an autonomous SOC orchestrated by AI (Swarm). It integrates specialized agents, detection, sandboxing, threat intelligence, incident response playbooks, tools such as Wazuh/OpenSearch/MCP, and a GRC module for regulatory compliance.
Open-source malware analysis sandbox with Docker/QEMU execution, telemetry, YARA, Suricata, threat-intel enrichment, and AI reports.
Unified Security + Forensics + Threat Intelligence Suite
Customization based on pyrebox for ransomware runtime information tracing.
Isolated FLARE-VM + REMnux detonation lab for safe malware analysis and detection development.
Simulate internet services in isolated environments to aid malware analysis with improved DNS handling and network emulation features.