Results 1 to 2 of 2

Thread: Buster Sandbox Analyzer

  1. #1

    Buster Sandbox Analyzer


    I would like to announce the release of Buster Sandbox Analyzer.

    Buster Sandbox Analyzer, or BSA to short it, is a security tool focused in analyzing the behaviour of applications and evaluate the performed actions to say if they act like malware or not.

    It works in a similar way to Norman Sandbox Analyzer, but meanwhile Norman´s tool performs the analysis emulating the analyzed programs, BSA uses Sandboxie as environment to run applications.

    Other difference would be that Norman performs the analysis without human intervention meanwhile with BSA is the user who runs manually the applications to be analyzed. This has some benefits and some inconvenients.

    As benefits we could say that BSA can analyze any type of "application", from executable files, to DOC, XLS, PDF, VBS, BAT, or any other kind of file that can be "executed". Also if an application requires user actions like press a button or accept an agreement this will be possible meanwhile in Norman Sandbox Analyzer (and some other malware analyzers too) this will not be possible.

    As inconvenient BSA is unable to analyze automatically large amount of files. Also we must consider that if we don´t take the necessary measures, information from the computer where BSA is being run could leak to Internet.

    Other important question is that BSA is freeware. You only must pay Sandboxie´s license which is pretty cheap.

    These and other questions are commented in the manual of BSA.

    You can follow the development of the tool here:

    You can download the tool from here:

    And you can visit BSA´s home page here:

    Even if actually Buster Sandbox Analyzer is working as expected in many aspects, it must be said that the project was initiated recently. Therefore the tool still needs improvements and testing until it reachs a certain point of excellence.

    I hope some of you will be interested in the tool and from that people, some will be interested in helping to improve it with suggestions, tests, etc.

    Last edited by VirusBuster; December 3rd, 2009 at 08:44.

  2. #2
    Administrator dELTA's Avatar
    Join Date
    Oct 2000
    Ring -1
    Blog Entries
    "Give a man a quote from the FAQ, and he'll ignore it. Print the FAQ, shove it up his ass, kick him in the balls, DDoS his ass and kick/ban him, and the point usually gets through eventually."

Similar Threads

  1. Buster Sandbox Analyzer
    By VirusBuster in forum Malware Analysis and Unpacking Forum
    Replies: 59
    Last Post: April 21st, 2013, 14:54
  2. Yarr Buster Challenge 1
    By YarrBuster in forum Advanced Reversing and Programming
    Replies: 8
    Last Post: October 21st, 2011, 22:12
  3. Performance Analyzer ?
    By corpusfugit in forum OllyDbg Support Forums
    Replies: 3
    Last Post: November 28th, 2008, 03:20


Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts