Community modules for CAPE Sandbox. CAPE-TestFiles (Public): Files that we use for unit testing. sflock (Public, forked from hatching/sflock): Sample staging & detonation utility to be used in combination with Cuckoo Sandbox. Python. Updated Feb 18, 2025 ...
Python GUI to run capemon in standalone VM. Provides a subset of CAPE processing and results. Create a Windows 10 VM that's suitable for running malware. Use the CAPEv2 guest guide for configuration details. https://capev2.readthedocs.io/en/latest/installation/guest/index.html Install Pyth...
/* File autogenerated by capemon hook generator (https://github.com/RazviOverflow/cape-hook-generator)
   The contents of this file can be appended to your local hooks.h
   WINAPI calling convention is assumed, but it might be incorrect! */
HOOKDEF(BOOL, WINAPI, CloseHandle, _In_ HANDLE hObject);
HOOKDEF(...
CAPESandbox/CAPE-parsers (MIT license, 97 commits). Repository contents: .github, cape_parsers, tests, tests_parsers, .gitignore, LICENSE, README.md, poetry.lock, pyproject.toml, requirements.txt. CAPE-parsers...
poetry run pip install git+https://github.com/CAPESandbox/pyattck maco - name: Run Ruff run: poetry run ruff check . --line-length 132 --ignore E501,E402 run: poetry run ruff check . --output-format=github . - name: Run unit tests run: poetry run python -m pytest --import-mode...
capemon is derived from cuckoomon-modified from spender-sandbox (https://github.com/spender-sandbox/cuckoomon-modified) from which it inherits the API hooking engine. It also includes a PE dumping engine and import reconstruction derived from Scylla (https://github.com/NtQuery/Scylla), WOW64Ext...
The repository containing the code for the monitor DLLs which form the basis of these packages is a distinct one: https://github.com/ctxis/capemon. This repository is organised in branches for the various packages. CAPE is derived from spender-sandbox (https://github.com/spender-sandbox), ...
CAPE is a malware sandbox. A sandbox is used to execute malicious files in an isolated environment whilst instrumenting their dynamic behaviour and collecting forensic artefacts. CAPE was derived from Cuckoo v1 which features the following core capabilities on the Windows platform: ...
https://capesandbox.com - For account activation reach out to https://twitter.com/capesandbox. Although config and payload extraction was the original stated goal, it was the development of the debugger in CAPE that first inspired the project: in order to extract configs or unpacked payloads from...
poetry run pip3 install -U git+https://github.com/DissectMalware/batch_deobfuscator
poetry run pip3 install -U git+https://github.com/CAPESandbox/httpreplay
Work through that until you get no errors from journalctl. You might have to restart the service. The other cape services can be foun...