Need help with saferwall?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

saferwall
425 Stars 64 Forks Apache License 2.0 1.4K Commits 2 Opened issues

Description

:fire: A hackable malware sandbox for the 21st Century

Services available

!
?

Need anything else?

Contributors list

# 46,705
C++
code-in...
C
Shell
911 commits
# 288,588
HTML
Shell
antivir...
portabl...
117 commits
# 117,133
HTML
messeng...
whatsap...
Electro...
58 commits
# 389,773
HTML
TeX
Shell
antivir...
40 commits
# 571,867
HTML
Shell
antivir...
portabl...
5 commits
# 292,997
React
gatsby
PHP
HTML
2 commits
# 716,343
HTML
Shell
antivir...
portabl...
1 commit
# 541,626
HTML
Shell
antivir...
portabl...
1 commit
# 127,247
HTML
spider
golang
Shell
1 commit

Saferwall logo

Saferwall is an open source malware analysis platform.

Discord GitHub Workflow Status Report Card GitHub

It aims for the following goals: - Provide a collaborative platform to share samples among malware researchers. - Acts as a system expert, to help researchers generates an automated malware analysis report. - Hunting platform to find new malwares. - Quality ensurance for signatures before releasing.

Features

  • Static analysis:
  • Multiple AV scanner which includes major antivirus vendors:

    Vendors

    status Vendors status
    Avast :heavycheckmark: FSecure :heavycheckmark:
    Avira :heavycheckmark: Kaspersky :heavycheckmark:
    Bitdefender :heavycheckmark: McAfee :heavycheckmark:
    ClamAV :heavycheckmark: Sophos :heavycheckmark:
    Comodo :heavycheckmark: Symantec :heavycheckmark:
    ESET :heavycheckmark: Windows Defender :heavycheckmark:
    TrendMicro :heavycheckmark: DrWeb :heavycheckmark:

Installation

Saferwall take advantage of kubernetes for its high availability, scalability and the huge ecosystem behind it.

Everything runs inside Kubernetes. You can either deploy it in the cloud or have it self hosted.

Here are the different deployment options available depending on how you are planning to use it: - Just to get a feeling of the app, you can use the already hosted instance in https://saferwall.com. - For local testing purposes or individual usage, a Vagrant box is available, the only requirements is virtualbox and vagrant. This setup runs on Windows, Linux and OSX. Please refer to this link for detailed steps. - In development scenarios, when you intend to make changes to the code and add features, please refer to this link for detailed steps. - For production grade deployment, we use kops. It automatically provisions a kubernetes cluster hosted on AWS, GCE, DigitalOcean or OpenStack and also on bare metal. For the time being, only AWS is officially supported. A helm chart is also provided for fast deployement. This work well for compagnies or small teams planning to scan a massive amounts of file. Please refer to this link for detailed steps.

Built with:

Current architecture / Workflow:

Here is a basic workflow which happens during a file scan: - Frontend talks to the the backend via REST APIs. - Backend uploads samples to the object storage. - Backend pushes a message into the scanning queue. - Consumer fetches the file and copy it into to the nfs share avoiding to pull the sample on every container. - Consumer calls asynchronously scanning services (like AV scanners) via gRPC calls and waits for results.

Acknowledgements

Contributing

Please read docs/CONTRIBUTING.md for details on our code of conduct, and the process for submitting pull requests to us.

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.