A forum for reverse engineering, OS internals and malware analysis 

Forum for announcements and questions about tools and software.
 #27361  by malware.monna
 Sat Dec 05, 2015 2:12 pm
Hi All,

I had presented a topic "Automating Linux Malware Analysis Using Limon Sandbox" at Black Hat Europe 2015. Limon is an open source sandox which is now available for download. Below links should help you get started with Limon

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools. Limon analyzes the malware in a controlled environment, monitors its activities and its child processes to determine the nature and purpose of the malware. It determines the malware's process activity, interaction with the file system, network, it also performs memory analysis and stores the analyzed artifacts for later analysis. I hope you will find it useful

a) Analyzing Linux Malwares Using Limon

http://malware-unplugged.blogspot.com/2 ... linux.html


b) Setting up and Configuring Limon

http://malware-unplugged.blogspot.com/2 ... yzing.html


c) Black Hat 2015 Europe presentation (Automating Linux Malware Analysis Using Limon Sandbox)

https://www.blackhat.com/eu-15/briefing ... on-sandbox


d) Limon Download Link:
https://github.com/monnappa22/Limon