Truman

From NSMWiki
Jump to: navigation, search

Truman is an Open Source sandnet system for automated malware analysis in a "live fire" environment.

Written by Joe Stewart of LURQH/SecureWorks, it implements an isolated network, complete with a small assortment of simulated or restricted services (DHCP, DNS, HTTP, IRC, MySQL, etc). You provide a malware client box to actually run the samples, connect it to the private network shared with the Truman server, and you're off and running.