/Limon

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools

Primary LanguagePythonGNU General Public License v3.0GPL-3.0

Limon - Sandbox for Analyzing Linux Malwares

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic and memory analysis using open source tools. Limon analyzes the malware in a controlled environment, monitors its activities and its child processes to determine the nature and purpose of the malware. It determines the malware's process activity, interaction with the file system, network, it also performs memory analysis and stores the analyzed artifacts for later analysis.

Analyzing Linux Malwares Using Limon

http://malware-unplugged.blogspot.com/2015/11/limon-sandbox-for-analyzing-linux.html

Setting up and Configuring Limon

http://malware-unplugged.blogspot.com/2015/11/setting-up-limon-sandbox-for-analyzing.html

Black Hat 2015 Europe Video Recording (Automating Linux Malware Analysis Using Limon Sandbox)

https://youtu.be/fSCKyF--tRs

Black Hat 2015 Europe presentation (Automating Linux Malware Analysis Using Limon Sandbox)

https://www.blackhat.com/eu-15/briefings.html#automating-linux-malware-analysis-using-limon-sandbox