endgameinc / maxwell Goto Github PK
View Code? Open in Web Editor NEWLicense: MIT License
License: MIT License
As this seems to be using ancient cuckoomon code verbatim, has Endgame Inc. purchased a commercial license from upstream Cuckoo devs to be able to relicense the code as MIT? It looks like the version that was copied might have been before cuckoomon added its GPLv3 license or any mention of copyright at all in the headers (as any copyright mention is missing from the files in the repo) but surely that wouldn't grant Endgame the ability to relicense that code under the MIT license.
-Brad
Hi,
Sorry I put this in as an issue as I did not know another way to contact yourselves regarding this project. I am wondering about the future for this project as it is very interesting and specifically about increasing its reach? Firstly I think this project looks fantastic and I thank you for making this publically available. Unfortunately without personal access to VSphere (& I doubt my employer would allow me to use it on their production Vsphere :-) ) I am limited in my ability to actually use it as I am sure other researchers are too. I am wondering thus:
Are there plans to allow the use of other virtualisation products i.e VirtualBox etc. to allow more general use?
Is there a possibility you would consider implementing some of the functionality in Cuckoobox (specifically the exploit detections) or extending Cuckoo with similar features? Cuckoosploit from Checkpoint provided some functionality and this was ported into Cuckoo-modified and also into the Cuckoo 2.0 branch where you can see the changes here: cuckoosandbox/monitor#17.
Currently this primarily covers ROP based exploits and obviously as mentioned in your blogs and the tool this is becoming increasingly unreliable as ropless methods are used. Being able to use these exploit detections within Cuckoo would be great & it is in wide general use among the security community allowing more researchers to benefit from this and also would help extend its coverage to also document exploits for instance. I would love to be able to implement this kind of detection myself but it is unfortunately out of my abilities to port this kind of functionality.
Thank you very much for your time.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.