Welcome to Dragonfly!

Dragonfly is an automated sandbox, developed by Certego, built over different emulation engines: it lets you customize the entire operating system and the rules used to hunt malware.

The sample is emulated and analyzed through a set of rules that Dragonfly’s users can create, customize and share with other people, allowing the creation of a true white-box sandbox. Users can review and share public rules, customize them as they please, and use every type of information that Dragonfly stores about the emulation to create more effective rules for hunting new malware at any time. The emulation paradigm extends to the operating system: it is possible to deeply customize the OS and then share the configuration with other members of the same organization.

Dragonfly is currently in a CLOSED ALPHA state: after the registration process, every user must be manually vetted before being allowed to use the Dragonfly platform. We strongly encourage and invite people in the cyber security community (SOC analysts, threat intelligence researchers, reverse engineers) interested in malware analysis to request access and try this new platform. Please remember that a delay of 1/2 working days before receiving approval is likely.

Given the state of the platform, bugs and issues are unfortunately expected: our team promises to solve them in a timely manner. Since the project is under ongoing development, new features and daily improvements are common. Feedback from the community is deeply appreciated, as it allows the Dragonfly team to keep to the direction requested by its audience.