malware-analysis--sandboxing

Solid

Static and dynamic malware analysis, YARA rule generation, sandbox configuration, behavioral profiling, and malware family classification

Data & Documents 47 stars 3 forks Updated today MIT


Quality Score: 89/100

Stars (20%): 56
Recency (20%): 100
Frontmatter (20%): 70
Documentation (15%): 100
Issue Health (10%): 80
License (10%): 100
Description (5%): 100

Skill Content

# Malware Analysis & Sandboxing

## Purpose

Enable Claude to assist with malware analysis workflows including static analysis of file properties and code, dynamic behavioral analysis interpretation, YARA rule generation, sandbox configuration, and malware family identification. Claude analyzes provided artifacts directly and orchestrates scripts for automated processing.

> **Safety Warning**: Never execute suspicious files outside of isolated, controlled environments. Use dedicated VMs or sandboxes with network isolation and snapshot capability.

---

## Activation Triggers

This skill activates when the user asks about:

- Analyzing a suspicious file, binary, or script
- Generating YARA rules for malware detection
- Setting up a malware analysis sandbox
- Interpreting Cuckoo/CAPE/AnyRun sandbox reports
- Identifying malware family or behavior
- Creating IOCs from malware samples
- Static analysis of PE/ELF files
- Memory forensics for malware artifacts
- Behavioral analysis (process creation, network, registry, file changes)

---

## Prerequisites

```bash
pip install yara-python pefile python-magic requests ssdeep
```

**Recommended analysis tools:**

- `Cuckoo Sandbox / CAPE` — Automated dynamic analysis
- `VirusTotal API` — Multi-engine scanning and intel
- `YARA` — Pattern matching engine
- `Ghidra / IDA Pro` — Deep binary analysis (→ Skill 04)
- `Volatility 3` — Memory forensics
- `DIE (Detect-It-Easy)` — Packer/compiler detection
- `Pestudio` — Windows PE static analys...

Details

Author
Masriyan
Repository
Masriyan/Claude-Code-CyberSecurity-Skill
Created
3 months ago
Last Updated
today
Language
Python
License
MIT

Similar Skills

Semantically similar based on skill content — not just same category

AI & Automation Solid

security-sandbox

Isolated analysis environment management for malware and exploit testing. Create and manage isolated VMs, configure Cuckoo Sandbox, set up REMnux/FlareVM environments, manage Docker-based analysis containers, and capture filesystem and process changes.

1,034 Updated today
a5c-ai
Data & Documents Listed

malware-triage

Malware triage workflow — sandbox output analysis (CAPE/Hybrid-Analysis/ANY.RUN/Joe Sandbox), YARA rule scaffolding at pattern level, IOC extraction, and TTP mapping to MITRE ATT&CK. Sandbox-only discipline; do not detonate in production or without an isolated runtime.

4 Updated 1 week ago
roodlicht
AI & Automation Solid

analyzing-malware-sandbox-evasion-techniques

Detect sandbox evasion techniques in malware samples by analyzing timing checks, VM artifact queries, user interaction detection, and sleep inflation patterns from Cuckoo/AnyRun behavioral reports

12,642 Updated today
mukul975
AI & Automation Featured

analyzing-malware-behavior-with-cuckoo-sandbox

Executes malware samples in Cuckoo Sandbox to observe runtime behavior including process creation, file system modifications, registry changes, network communications, and API calls. Generates comprehensive behavioral reports for malware classification and IOC extraction. Activates for requests involving dynamic malware analysis, sandbox detonation, behavioral analysis, or automated malware execution.

12,642 Updated today
mukul975
AI & Automation Featured

malware-analyst

Expert malware analyst specializing in defensive malware research, threat intelligence, and incident response. Masters sandbox analysis, behavioral analysis, and malware family identification.

39,227 Updated today
sickn33