Command line tool for interaction with sandboxes
Project description
Work with PT Sandbox like a pro
Documentation: https://security-experts-community.github.io/sandbox-cli
Source Code: https://github.com/Security-Experts-Community/sandbox-cli
Note: Python >= 3.11 is required.
Installation
Using pipx:
pipx install sandbox-cli
Using PyPI:
pip install sandbox-cli
NixOS:
nix shell 'github:Security-Experts-Community/sandbox-cli'
Config
You must create a default config file, as described in docs/config-examples/config.toml, at the following location:
Linux/macOS:
~/.config/sandbox-cli/config.toml
or
$XDG_HOME_CONFIG_HOME/sandbox-cli/config.toml
Windows:
%APPDATA%\sandbox-cli\config.toml
Available options
- scanner - Scan with the sandbox.
- images - Get available images in the sandbox.
- download - Download any artifact from the sandbox.
- email - Upload an email and get its headers.
- report - Generate short report from sandbox scans.
- unpack/conv - Convert sandbox logs into an analysis-friendly format.
- rules - Working with raw sandbox rules.
Usage examples
images
Get all available images:
sandbox-cli images
┏━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━━━━━━━━━┳━━━━━━━━━━━━┳━━━━━━━━━━━━━━━━━┓
┃ Name ┃ ID ┃ Version ┃ Product version ┃
┡━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━━━━━━━━━╇━━━━━━━━━━━━╇━━━━━━━━━━━━━━━━━┩
│ altlinux │ altworkstation-10-x64 │ ... │ ... │
│ astra │ astralinux-smolensk-x64 │ ... │ ... │
│ redos │ redos-murom-x64 │ ... │ ... │
│ ubuntu │ ubuntu-jammy-x64 │ ... │ ... │
│ Windows 10 Pro │ win10-1803-x64 │ ... │ ... │
│ Windows 10 Enterprise │ win10-22H2-x64 │ ... │ ... │
│ Windows 10 Pro │ win11-23H2-x64 │ ... │ ... │
│ Windows 7 Enterprise │ win7-sp1-x64 │ ... │ ... │
│ Windows 7 Enterprise │ win7-sp1-x64-ics │ ... │ ... │
└───────────────────────┴─────────────────────────┴────────────┴─────────────────┘
scanner
Scan the file on all available Windows images with a 60-second timeout and automatic log unpacking:
sandbox-cli scanner scan-new -i windows -t 60 -U malware.exe
Development
uv is used to build the project.
uv sync
File details
Details for the file sandbox_cli-0.2.30.tar.gz.
File metadata
- Download URL: sandbox_cli-0.2.30.tar.gz
- Upload date:
- Size: 32.8 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.2
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | f8f778d50ea37edcad4de48fdd0f00c81c9742fa527ed2e22d06571381a5a374 |
| MD5 | c5247396258462fd2fed796b9454487f |
| BLAKE2b-256 | 301a8709cb0ff1ee2207efe537747a6fd7d72c7316a55a1b11fe57e1eb8c4a1f |
File details
Details for the file sandbox_cli-0.2.30-py3-none-any.whl.
File metadata
- Download URL: sandbox_cli-0.2.30-py3-none-any.whl
- Upload date:
- Size: 47.3 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: twine/6.1.0 CPython/3.13.2
File hashes
| Algorithm | Hash digest |
|---|---|
| SHA256 | f70005b236c94ef3bf1f6a912dc6a2a137750b1416159e5eee1bdf84e019be99 |
| MD5 | 3a9caed1932f15af82ee011bf426893c |
| BLAKE2b-256 | 37d964969ae5c249f391610e28d9449afe03bdcd6ae245e7a1e56ec52e931da5 |