case file / Malware

detonate

// Python ยท Malware sandbox

detonate is a malware-analysis sandbox with Docker and QEMU execution, telemetry, YARA, Suricata, threat-intelligence enrichment, and AI-assisted reports.

open repository all work
Cinematic dark malware-analysis sandbox with sealed containment cube, red telemetry, and neutral evidence artifacts for detonate.

Where it fits

Malware analysis, reverse engineering, and DFIR lab automation.

What stands out

  • Sandbox execution paths around Docker and QEMU.
  • YARA, Suricata, telemetry, and threat-intel enrichment.
  • Designed for repeatable malware-analysis reporting.

Related areas

detonate connects to malware-analysis, malware-sandbox, dfir, yara, suricata. The source repository carries the code, releases, issues, and documentation trail.