VirusBuster
December 3rd, 2009, 08:37
Hi.
I would like to announce the release of Buster Sandbox Analyzer.
Buster Sandbox Analyzer, or BSA to short it, is a security tool focused in analyzing the behaviour of applications and evaluate the performed actions to say if they act like malware or not.
It works in a similar way to Norman Sandbox Analyzer, but meanwhile Norman´s tool performs the analysis emulating the analyzed programs, BSA uses Sandboxie as environment to run applications.
Other difference would be that Norman performs the analysis without human intervention meanwhile with BSA is the user who runs manually the applications to be analyzed. This has some benefits and some inconvenients.
As benefits we could say that BSA can analyze any type of "application", from executable files, to DOC, XLS, PDF, VBS, BAT, or any other kind of file that can be "executed". Also if an application requires user actions like press a button or accept an agreement this will be possible meanwhile in Norman Sandbox Analyzer (and some other malware analyzers too) this will not be possible.
As inconvenient BSA is unable to analyze automatically large amount of files. Also we must consider that if we don´t take the necessary measures, information from the computer where BSA is being run could leak to Internet.
Other important question is that BSA is freeware. You only must pay Sandboxie´s license which is pretty cheap.
These and other questions are commented in the manual of BSA.
You can follow the development of the tool here:
http://sandboxie.com/phpbb/viewtopic.php?t=6557
You can download the tool from here:
http://bsa.qnea.de/bsa.rar
And you can visit BSA´s home page here:
http://bsa.qnea.de/
Even if actually Buster Sandbox Analyzer is working as expected in many aspects, it must be said that the project was initiated recently. Therefore the tool still needs improvements and testing until it reachs a certain point of excellence.
I hope some of you will be interested in the tool and from that people, some will be interested in helping to improve it with suggestions, tests, etc.
Regards.
I would like to announce the release of Buster Sandbox Analyzer.
Buster Sandbox Analyzer, or BSA to short it, is a security tool focused in analyzing the behaviour of applications and evaluate the performed actions to say if they act like malware or not.
It works in a similar way to Norman Sandbox Analyzer, but meanwhile Norman´s tool performs the analysis emulating the analyzed programs, BSA uses Sandboxie as environment to run applications.
Other difference would be that Norman performs the analysis without human intervention meanwhile with BSA is the user who runs manually the applications to be analyzed. This has some benefits and some inconvenients.
As benefits we could say that BSA can analyze any type of "application", from executable files, to DOC, XLS, PDF, VBS, BAT, or any other kind of file that can be "executed". Also if an application requires user actions like press a button or accept an agreement this will be possible meanwhile in Norman Sandbox Analyzer (and some other malware analyzers too) this will not be possible.
As inconvenient BSA is unable to analyze automatically large amount of files. Also we must consider that if we don´t take the necessary measures, information from the computer where BSA is being run could leak to Internet.
Other important question is that BSA is freeware. You only must pay Sandboxie´s license which is pretty cheap.
These and other questions are commented in the manual of BSA.
You can follow the development of the tool here:
http://sandboxie.com/phpbb/viewtopic.php?t=6557
You can download the tool from here:
http://bsa.qnea.de/bsa.rar
And you can visit BSA´s home page here:
http://bsa.qnea.de/
Even if actually Buster Sandbox Analyzer is working as expected in many aspects, it must be said that the project was initiated recently. Therefore the tool still needs improvements and testing until it reachs a certain point of excellence.
I hope some of you will be interested in the tool and from that people, some will be interested in helping to improve it with suggestions, tests, etc.
Regards.
