is there anyway to protect the agent.py process?

cuckoosandbox / cuckoo

Cuckoo Sandbox is an automated dynamic malware analysis system

http://www.cuckoosandbox.org

Other

5.52k stars 1.7k forks source link

is there anyway to protect the agent.py process? #740

Open Ali-Razmjoo opened 8 years ago

Ali-Razmjoo commented 8 years ago

Hello, How we can protect the agent.py process to be unkillable/unterminatable ? is there anyway to self protect ? if agent.py begin killed, analysis will be stop ? with a simple command system("taskkill /f /im python.exe"); cuckoo sandbox will stop working!

botherder commented 8 years ago

Indeed that's a problem we need to brainstorm about.