Buster Sandbox Analyzer

Discussion in 'other anti-malware software' started by Buster_BSA, Nov 29, 2009.

Thread Status:
Not open for further replies.
  1. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    1,155
    Location:
    usa
    I was chastised recently for just mentioning Buster Sandbox Analyzer.
     
  2. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Why that?
     
  3. zmechys

    zmechys Registered Member

    Joined:
    Dec 29, 2012
    Posts:
    1,155
    Location:
    usa
    In the thread, "Sandboxie Basics", I've posted some instructions about using Sandboxie with Buster Sandbox Analyzer, but our forum "experts" attacked me for just mentioning BSA; therefore, I deleted all my information from that thread.

    Let's hope they have some courage to criticize you directly.
     
  4. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    I cannot imagine why anyone would criticize me for creating BSA.
     
  5. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    Hi,

    Anyone who has done an online project for free (software, blog, forum moderator, etc.) knows that all things have an end.
    One of the limitations of open source code is, for instance, the constant motivation of the developers...

    Anyway, there are alternatives to Sandboxie, even if all are not compatible with BSA:
    Cuckoo http://www.cuckoosandbox.org/index.html
    Truman http://www.secureworks.com/cyber-threat-intelligence/tools/truman/
    Private workplace http://privateworkplace.com/index.html
    Eugenuine solutions (Mirage sandbox end the dev.Best package)
    http://www.eugenuine.com/?p=mainpage
    And in the past Fortresgrand provided a free version of its virtual sandbox

    There are always online analysis platforms, and for those who need a professional malware analysis solution, there is Norman analyzer G2 for a few dollars more: http://enterprise.norman.com/solutions/malware_analyzer_g2

    auf Wiedersehen,
     
  6. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    None is compatible with BSA because BSA is dependent on Sandboxie.
     
  7. kareldjag

    kareldjag Registered Member

    Joined:
    Nov 13, 2004
    Posts:
    622
    Location:
    PARIS AND ITS SUBURBS
    hi
    I have never been a fan or user of VMs and sandboxes for malware analysis, as reboot/restore and disk imaging were more appropriate for my concerns.
    That is why I never experimented with Buster Sandbox, and I even thought it was made in Germany...
    Things are clear now, and I understand better why this project is discontinued.
    And yes, Sandboxie is too restrictive for malware analysis, as an HIPS for users who want to remain the masters of their computers.
    Tks for your time, projects and tests.

    Rgds
     
  8. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    Why in Germany if the domain where BSA is hosted is .nl?

    I come from Spain.
     
  9. idletom

    idletom Registered Member

    Joined:
    Jul 1, 2013
    Posts:
    1
    This looks like a very interesting application.

    I am looking at batch sandboxing an extremely large collection of malware (after filtering I expect it will approach a million samples).

    Do you have any suggestions as to
    a) Limits on simultaneous processing of malware
    b) Any hints on speeding up the process

    Many thanks
     
  10. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    a) Limits on simultaneous processing of malware

    I suggest you make tests to know what is the right number of malware analyses, but I would say your system should be able to process up to 3-5 instances at the same time.

    b) Any hints on speeding up the process

    You could reduce the amount of time dedicated to each analysis. Some people go with 2 minutes for analysis, but maybe 1 minute could fit your needs.

    Again, I suggest you make tests to know if that's a good solution for you.
     
  11. Buster_BSA

    Buster_BSA Registered Member

    Joined:
    Nov 29, 2009
    Posts:
    748
    BSA 1.88 package re-released to fix a bug when processing URLs from command line.
     