Malbox

An extensible, reliable FOSS malware analysis framework built in Rust with a plugin-driven architecture for security teams and researchers.

Modular

Extend functionality effortlessly through plugins written in Rust, JavaScript, or Python.
Plugins support various execution models and can run either on the host or within the guest environment.

Performant

Malbox delivers modularity without sacrificing performance. It mostly leverages iceoryx2, a shared-memory IPC (Inter-Process Communication) library that enables zero-copy, lock-free communication between components.
Plugin developers can fine-tune behavior through configurable options, often resulting in optimized runtimes and greater adaptability.

FOSS

Maintain full control over your infrastructure—Malbox is and always will be open-source and free.
It supports both cloud-based and on-premises deployment for flexible storage and compute solutions.

User Friendly

Malbox features a built-in marketplace for easy installation of both official and community-verified plugins.
No rebuilds or restarts are needed to install new plugins.
All plugins and profiles adhere to strict standards, ensuring a secure and healthy ecosystem.

Declarative Configuration

Malbox is fully declarative—configuration and deployment included.
With integrated tools like Terraform, Packer, and Ansible, users can build images, define infrastructure, and manage machinery templates seamlessly.

Provider Flexibility

Malbox is not tied to any specific provider.
Users are free to choose their preferred technology for sandboxed environments.
To integrate a new provider, simply wrap it using the Malbox API.