The Minotaur Project



The Minotaur Project is an ongoing research project by the team at NovCon Solutions. It is being built as a hub for security professionals, researchers and enthusiasts to discover new threats and discuss mitigations. It combines third-party open source software, local datasets, new analysis tools, and more.

Tools used by Minotaur include:
| Project | Description | Use |
| --- | --- | --- |
| Cuckoo Sandbox | An open source dynamic analysis sandbox environment. | Cuckoo is the primary dynamic sandbox for Minotaur. |
| Zerowine | An open source (GPL v2) research project to dynamically analyze the behavior of malware. | Zerowine is the secondary dynamic sandbox for Minotaur. |
| JSUnpack | An open source JavaScript analysis system. | JSUnpack is run against almost all files submitted to Minotaur in order to extract URLs and streams, and to find and analyze JavaScript code. |
| LaikaBoss | Laika BOSS is built on open source projects such as YARA and ZeroMQ. | LaikaBoss is an additional analysis tool. |
| Omnihash | An open source tool to hash strings, files, input streams and network resources. | Used for hash comparison/confirmation and CRC checks. |
| Entropy Visualization | An open source tool to detect high entropy in highly structured data. | Used to allow visual analysis of packed files. |
| ClamAV | An open source antivirus engine for detecting trojans, viruses, malware and other malicious threats. | Used for additional malware analysis and detection. |
| PEscanner | A PE analyzer written in Python by the authors of the Malware Analyst's Cookbook. | Used for additional detection of malicious files. |
| Virus Total | Free service that analyzes suspicious files and URLs. | Detection of viruses, worms, trojans, and other malware. |