Questions tagged [sandbox]

A sandbox is a security mechanism for containing and restricting untrusted programs. Such programs could contain malicious code, which would otherwise harm the user's system.

195 questions
1
vote
1 answer

Can hackers compromise a VM to the point that they compromise your host OS?

Recently I was reading up on various security strategies and one that has been around for a while but is starting to gain traction now is working within a VM on your desired OS. If that VM ever gets compromised you can simply revert the system back…
RAZ_Muh_Taz
1
vote
0 answers

Can the Android OS prevent the API calls to system services from being fooled?

Android Application Framework provides a whole bunch of system services, such as PackageManagerService, ActivityManagerService. Most of the services are in the System Server process. The framework also provides a whole bunch of APIs to apps in the…
Infinite
1
vote
1 answer

Why do some ransomware executables run on VirtualBox?

Even though they appear to have anti-VM capabilities? I've downloaded some of the latest samples of ransomware executables from cerber, locky, and other families of ransomware. Why do they still execute in the VirtualBox environment? It is a fresh new…
Pwn Fire
1
vote
1 answer

What is the difference between virtualization and sandboxing

Is virtualization basically "easier" sandboxing? Where the system calls are intercepted and rules are set out whether to allow the system call to go through or not. I believe system calls are traced to find out which application is making the calls…
David J
1
vote
1 answer

How to sandbox Firefox ESR for normal browsing?

I'm running Debian 9.1 with KDE and for security purposes I'd like to run Firefox ESR in a sandboxed mode. However I'd still like to use many normal Firefox features for my normal browsing, download files to my computer and store / access browsing…
mYnDstrEAm
1
vote
1 answer

Job applicants submit code, how do companies securely test it?

Applicants for software engineering jobs sometimes go through coding challenges as part of the interview process. The company may send applicants code and a development task with a deadline, and applicants send back the code with modifications based…
cr0
1
vote
2 answers

How to test the security of a hardened Web Browser?

I want to actually test the security of a sandboxed and hardened web browser after I implemented 3rd party security tools that claim to harden the browser. So how can I or what approach should I follow to test the security of a web browser? Edit:…
1
vote
1 answer

In Kali Linux, how can I open files in a safe manner without disconnecting internet?

I downloaded a few documents over Tor as of late. I am mindful of the issues which I can confront when I open a document downloaded through Tor in an online machine. I want to know how to open these documents in a sandboxed environment on a machine…
1
vote
1 answer

Browser custom protocol handlers

The possibility of running a shell command from an extension (NPAPI) has been phased out, but custom protocol handlers are still supported. What is the practical difference if an extension can still launch any executable via the protocol handler?
antonio
1
vote
1 answer

Encrypt/Isolate files of the Software

We want to create a secure email client based on Thunderbird source code and are looking for a method to encrypt files or to isolate files from being stolen by some malware, and to avoid infecting the PC via malicious emails. Which method is more secure to…
1
vote
1 answer

How does the quarantine of anti-virus/malware software work?

What is the quarantine of antivirus software? Is it just some strict user/group rights and changing the file extension, or is it actually moving the file(s) to a virtual environment? How is this software preventing a virus from executing or breaking out…
Bob Ortiz
1
vote
3 answers

Security implications of FileExists() from javascript in browser

What would the security implications be if JavaScript, in a browser, could perform a typical FileExists() operation with normal file paths (win and/or mac)? Something like Node's fs.existsSync(path) but from JavaScript running in a browser's…
Mike
1
vote
2 answers

Difference between antivirus and sandbox?

When reading about how antivirus and sandbox work, my understanding is that an AV scans a file to see whether it matches known virus signatures. A sandbox can be used to obtain the behaviors of a file when it runs. However, I don't know how…
user3404735
1
vote
1 answer

When is NtUnmapViewOfSection called?

I'm analyzing an executable and I see that it created a child process and within it there was a call to NtUnmapViewOfSection. I know that this method is almost always malicious and can be used for process hollowing for example. I want to know if…
1
vote
0 answers

cuckoo sandbox - PID exit

I hope someone could help me. I've played with Cuckoo for a while; however, I've just done a new installation and it all works, but it will not run the binary I would like to scan. The PID exits after it is loaded? Could anyone point me in the…
tugg