Cuckoo Sandbox meets Mac OS X

Project Name: Project 19 - Cuckoo Sandbox #2: Support for Mac OS binaries
Mentor: Alessandro Tanasi (IT)
Student: Dmitry Rodionov
Skills required: Python, Mac OS X internals, Django (optional)
Project type: Extend and improve existing library
Project goal: Improve Cuckoo Sandbox to support analysis of Mac OS X malware.

Description:

We would like to expand Cuckoo to support execution of Mac OS X malware. To develop this feature it is required to design and write a custom python analyzer (a little engine with modules), that will follow Cuckoo's existing win32 architecture to run the malware inside a Linux or OSX virtual machine, instrument and record the malware behavior then return the execution analysis information back to Cuckoo's existing reporting components.

Achievement:

Dimitry wrote an extensive blog post summarizing the results of his GSoC project. Instructions on how to set up Cuckoo with support for Mac OS binaries are posted in Dimitry's repository.