I would like to know how can I analyse an obfuscated malware php code ? I heard about cuckoo sandbox, but it seems too overwhelming for this particular task. So I decided to run a Vagrant box, install php-cli, tcpdump, ... run the php code and look for connections with tcpdump for example ...
What would you do in such case ? I would like to know if there is some dedicated tools for specific php malware/backdoor analysis ?
Thanks :)