Automated Virtual Machine Generation and Cloaking for Cuckoo Sandbox.
VMCloak is a tool to fully create and prepare Virtual Machines that can be used by Cuckoo Sandbox. In order to create a new Virtual Machine one should prepare a few configuration values that will be used later on by the tool.
In order to run VMCloak you'll at the very least require the following:
- Python 3.6 or higher.
- mkisofs or genisoimage.
- QEMU 2.11 or higher (tested with 4.2.1).
- root access to mount images and perform actions such as creating network bridges.
It is recommended that VMCloak is installed in a Virtualenv and on the user that should own the created virtual machines.
VMCloak is available as a Python Package
It can be installed with pip
using pip install -U vmcloak
.
Install the requirements. See the docs/ for a full list of requirements.
$ sudo apt update
$ sudo apt install python3 genisoimage qemu-system-x86 qemu-utils qemu-system-common
It is recommended to install VMCloak in a virtualenv.
$ virtualenv venv
$ source venv/bin/activate
$ (venv) pip install -U vmcloak
Fetching the Git repository through allows one access to the latest development version of VMCloak with features that may not have been pushed to the Python Package yet. A full example of installing VMCloak manually can be as follows:
$ (venv) git clone https://github.com/hatching/vmcloak.git
$ (venv) cd vmcloak
$ (venv) pip install .
$ (venv) pip install -e .[docs]
$ (venv) cd docs
$ (venv) make html
$ (venv) <your browser>/_build/html/index.html
The development of the VMCloak project initially started out as part of the ITES Project at Avira, thanks to Thorsten Sick. Many thanks to Rasmus Männa for lots of great contributions lately.