Hackers of India

LIMON-SANDBOX FOR ANALYZING LINUX MALWARES

By Monnappa K A on 01 Apr 2016 @ Blackhat : Arsenal

This Tool Demo covers the following tools that the speaker has authored or contributed to:
LIMON

Abstract

Limon is a sandbox for automating Linux malware analysis. It collects, analyzes, and reports on the runtime indicators of Linux malware. It allows one to inspect Linux malware before execution, during execution, and after execution (post-mortem analysis) by performing static, dynamic, and memory analysis using open source tools. Limon analyzes the malware in a controlled environment and monitors its activities and those of its child processes to determine the nature and purpose of the malware. It determines the malware’s process activity and its interaction with the file system and network; it also performs memory analysis and stores the analyzed artifacts for later analysis.

For more information, please visit this blog post on Limon: http://malware-unplugged.blogspot.in/2015/11/limon-sandbox-for-analyzing-linux.html; the download link is also available on GitHub: https://github.com/monnappa22/Limon.