CAPE Sandbox
822 posts

CAPE Sandbox
@CapeSandbox
Payloads or it didn't happen. https://t.co/rAVsWT6dcl
Joined April 2017
114 Following, 4.7K Followers

I want to share something. I don't expect anyone to care. I just want to scream into the void.
I've accomplished everything I've ever wanted to do with malware. There isn't really a malware thingy that's popped up that I haven't seen or done. My malware code repository of stuff I've written dates back to like, 2009. I've released dozens upon dozens of never before seen (at least publicly) malware snippets and ideas.
I'm standing at this weird crossroads where I'm standing at the peak and I'm kind of looking around like ???. What do I do now?
Options:
1. Keep finding new stuff for usermode Windows malware
2. Venture outside usermode to kernel mode malware
3. Switch focus, focus on initial access or stager stuff, not final payload
4. Switch focus, focus outside Windows to different platforms
5. Switch to defense, develop ways to detect malware
6. ???
There is always more to learn and do. But, I've been climbing vertically for like, 20 years, and in order to keep climbing I need to find a different path.

Hi @CapeSandbox, can you please activate my account saransh@synthlane

@CapeSandbox Could you activate my account (user: nalves599)? Thanks

Hey @CapeSandbox, would it be possible to get my account activated? Same username as here - rhysperry111.
Currently analysing some malware that takes almost 18 minutes to run its payload, and there's no chance I can do that with any.run :p

@bartblaze @CapeSandbox @D00m3dR4v3n @CapeSandbox
Hello! Can you activate my account? Username: fundakaraoglu
CAPE Sandbox retweeted

Malware abusing the finger protocol (this one makes a comeback now and again).
bleepingcomputer.com/news/security/…
Caught with @CapeSandbox :)


#Amatera payload extraction & direct syscall capture
capesandbox.com/analysis/11082/



Jai Minton@CyberRaiju
New Octowave Loader sample > Amatera Stealer. 0 VT. Proofpoint rules detect the traffic. My Yara rule detects the installer. Adobe printer driver sideloads tbb.dll, tbb.dll loads app-2.3.dll which gets stego from blood.wav, uses zxing.presentation.dll. virustotal.com/gui/file/f5c8b…

Hello @CapeSandbox ! Would you be so kind as to activate my account? The username is "cy0x"

@CapeSandbox Hi @CapeSandbox. Could I get my account activated?
username: Dorian
Much appreciated!

New cmd.exe batch deobfuscation capability integrated in CAPE! FindFixAndRun hook😎
For example: capesandbox.com/analysis/23842/
Thanks KingKDot github.com/KingKDot/Exorc…🙏
and KillerInstinct for the integration!

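The deobfuscation announced in the post above is done by a hook, i.e. at runtime inside cmd.exe, so it sees the command string the way the parser does. As an added example that is not CAPE's code and not the Exorcist project's code, the Python below shows the static equivalent for the two idioms obfuscated batch droppers rely on most: caret escaping (`h^idden`) and percent expansion with `%VAR:~start,len%` substring and `%VAR:old=new%` replacement, applied in cmd.exe's own order (expand first, then strip escapes). The sample script is constructed for this example; it is not a real sample and the variable names and values are made up.

```python
import re

# Constructed sample batch script (not from any real malware sample).  It
# assembles a powershell command from junk-padded variables, the usual idiom.
SAMPLE = r'''@echo off
set "xq=xxpowershellyy"
set "rt=abc-nop -wdef"
set "zz=calc.exe"
set "v=pow@rsh@ll"
%xq:~2,10% %rt:~3,4%%rt:~7,3% h^idden %zz%
echo %zz:~0,-4% %zz:~-4% %v:@=e%
'''

# set VAR=value  or  set "VAR=value"   (set /a and set /p are not handled)
SET_RE = re.compile(r'^\s*set\s+"?([^="\s]+)=(.*?)"?\s*$', re.IGNORECASE)
# %VAR%, %VAR:~start[,len]%, %VAR:old=new%   (the literal %% form is not handled)
VAR_RE = re.compile(r'%([^%:]+)(?::~(-?\d+)(?:,(-?\d+))?|:([^=%]+)=([^%]*))?%')


def substring(value, start, length=None):
    """cmd.exe %VAR:~start,len% semantics: negative start counts from the end,
    negative len drops that many characters from the end."""
    n = len(value)
    s = start if start >= 0 else max(0, n + start)
    if length is None:
        e = n
    elif length >= 0:
        e = min(n, s + length)
    else:
        e = max(s, n + length)
    return value[s:e]


def expand(line, env):
    """Phase-1 percent expansion. Undefined names expand to '' as in batch files."""
    def repl(m):
        name, start, length, old, new = m.groups()
        value = env.get(name.lower(), '')          # variable names are case-insensitive
        if start is not None:
            return substring(value, int(start), int(length) if length is not None else None)
        if old is not None:                        # %VAR:old=new% is case-insensitive too
            return re.sub(re.escape(old), lambda _: new, value, flags=re.IGNORECASE)
        return value
    return VAR_RE.sub(repl, line)


def strip_carets(line):
    """Phase-2 escape handling: '^x' becomes 'x' outside double quotes,
    carets inside quotes are literal. A trailing '^' (line continuation) is kept."""
    out, in_quotes, i = [], False, 0
    while i < len(line):
        ch = line[i]
        if ch == '"':
            in_quotes = not in_quotes
            out.append(ch)
        elif ch == '^' and not in_quotes and i + 1 < len(line):
            out.append(line[i + 1])
            i += 1
        else:
            out.append(ch)
        i += 1
    return ''.join(out)


def deobfuscate(script):
    """Return the non-'set' lines with all variables resolved, in execution order."""
    env, out = {}, []
    for raw in script.splitlines():
        line = strip_carets(expand(raw, env))      # cmd order: expand, then escapes
        m = SET_RE.match(line)
        if m:
            env[m.group(1).lower()] = m.group(2)   # record the assignment, emit nothing
            continue
        if line.strip():
            out.append(line.rstrip())
    return out


if __name__ == '__main__':
    for cmd in deobfuscate(SAMPLE):
        print(cmd)
```

This static pass resolves only what is decidable without running the script: it does not follow `for` loops, delayed `!VAR!` expansion, `call` re-parsing or values fetched from the environment, which is exactly where a runtime hook has the advantage. It is useful as a quick first look and as a cross-check against what the sandbox reports.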

@CapeSandbox Hi! I’d like to activate an account on capesandbox.com. My username is ckoolaide. Could you please assist? Thank you!

@CapeSandbox Hello @CapeSandbox, could you please activate my account with the username moonsolo? Much appreciated!

@CapeSandbox yello, i'd like to request account activation for ninetailedfox

@CapeSandbox Hi, is it possible to have my account activated? My username is alessandromarchetti. I did another registration yesterday with the username alessandromarchetti_dr that was tied to the wrong email, it can be deleted. Thank you and sorry for the double sign up.

@dnssafixxi Sorry this is not a commercial thing, there is no premium subscription. It's just an open source project with a demo instance!

@dnssafixxi Yes it is configurable in web.conf
github.com/kevoreilly/CAP…


