PhoneyC is a virtual client honeypot, meaning it is not a real application but rather an emulated client. By using dynamic analysis, PhoneyC is able to remove the obfuscation from many malicious pages. Furthermore, PhoneyC emulates specific vulnerabilities to pinpoint the attack vector. PhoneyC is a modular framework that enables the study of malicious HTTP pages and understands modern vulnerabilities and attacker techniques.
Download version 0.1 below (a contained readme contains installation instructions):
Sha1: d541a6c27712895f335e7394de7c1506ea1ce592 phoneyc_v0_1_rev1631.tar_.gz
v0.1 feature highlights include:
PhoneyC is hosted on http://code.google.com/p/phoneyc/ from which a development version can be obtained.
For any issues turn to the Google groups: http://groups.google.com/group/phoneyc.