Malbox is under active development. This is a broad overview, not an exhaustive list - priorities may shift as we learn from users and the community.Documentation Index
Fetch the complete documentation index at: https://docs.malbox.app/llms.txt
Use this file to discover all available pages before exploring further.
Foundation
ShippedCore platform capabilities that power Malbox today.
Multi-language plugin SDK
Write analysis plugins in Rust, C++, or Python with SDK support for both host and guest environments.
Task scheduling
Run analyses in parallel with configurable worker pools, queue priorities, and timeout management.
VM machinery framework
Pluggable providers and provisioners for managing virtual machine lifecycle across different hypervisors.
CLI tooling
Purpose-built binaries for everyday use and administration, with interactive prompts and styled output.
Report visualization
Score cards, threat overviews, artifact previews, and detailed analysis breakdowns in the web UI.
Transforms & Recipes
Chain encoding, hashing, and byte-level transforms into reusable recipes with a live pipeline editor and context-menu integration.
Automated installation
One-command installer that handles dependencies, configuration, and initial setup for fresh deployments.
Expansion
In progressImprovements and new capabilities currently in development.
Plugin marketplace
Central registry for discovering, sharing, and installing community-built analysis plugins.
User & permission management
Authentication, role-based access control, and scoped permissions across analyses, machines, and plugins.
Search and correlation
Search across analyses and correlate indicators of compromise to surface connections between samples.
Cloud machinery providers
Native VM provider integrations for AWS EC2 and Azure to run analysis environments in the cloud.
Plugin hot-reload
Update and reload plugins at runtime without restarting the platform or interrupting running analyses.
Data storage options
Pluggable storage backends with configurable retention policies, quota limits, and automatic cleanup.
Horizon
PlannedFuture directions we are exploring for the platform.
Advanced scoring engine
Fully configurable scoring with customizable logic, criteria, weights, and thresholds to match your analysis priorities.
Official plugins
Curated list of plugins made by Malbox maintainers for the community.
Collaborative workspaces
Share analyses, annotate findings, and coordinate investigations across team members.
Threat intelligence feeds
Automatic enrichment from external threat databases and indicator-of-compromise repositories.
VMI plugins
Host-only plugins that leverage virtual machine introspection to monitor guest behavior without in-guest agents.
On-prem fleet management
Centralized management of on-premise analysis node clusters with health monitoring, load balancing, and automated scaling.