{"id":30051428,"url":"https://github.com/capelabs/vibe-sandbox","last_synced_at":"2025-08-07T15:52:44.365Z","repository":{"id":308468870,"uuid":"1010619822","full_name":"capelabs/vibe-sandbox","owner":"capelabs","description":"VIBE Sandbox: chat-based sandbox for malware analysis ","archived":false,"fork":false,"pushed_at":"2025-08-06T04:52:34.000Z","size":69,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"main","last_synced_at":"2025-08-06T05:29:11.213Z","etag":null,"topics":["cybersecurity","malware","sandbox","security-tools"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/capelabs.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2025-06-29T13:12:25.000Z","updated_at":"2025-08-06T04:52:37.000Z","dependencies_parsed_at":"2025-08-06T05:29:14.685Z","dependency_job_id":"749961d1-7228-42b5-8e74-01e57a0ec7d3","html_url":"https://github.com/capelabs/vibe-sandbox","commit_stats":null,"previous_names":["capelabs/vibe-sandbox"],"tags_count":null,"template":false,"template_full_name":null,"purl":"pkg:github/capelabs/vibe-sandbox","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capelabs%2Fvibe-sandbox","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capelabs%2Fvibe-sandbox/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capelabs%2Fvibe-sandbox/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capelabs%2Fvibe-sandbox/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/capelabs","download_url":"https://codeload.github.com/capelabs/vibe-sandbox/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/capelabs%2Fvibe-sandbox/sbom","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":269284604,"owners_count":24391126,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-08-07T02:00:09.698Z","response_time":73,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cybersecurity","malware","sandbox","security-tools"],"created_at":"2025-08-07T15:52:42.192Z","updated_at":"2025-08-07T15:52:44.343Z","avatar_url":"https://github.com/capelabs.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\n\n# VIBE Sandbox\n\n## Overview\nVIBE Sandbox is an open-source, chat-based sandbox for malware analysis across various operating systems. It enables easy integration with other services via the MCP server.\n\n## Architecture\n```\n[Client (e.g., Cursor)] \u003c---SSE---\u003e [MCP Server] \u003c---Docker/VirtualBox---\u003e [Sandbox VM]\n```\n- The MCP server (volatility3, virtualbox, etc.) communicates with each sandbox environment and connects to clients via SSE (Server-Sent Events).\n\n## Features\n- Chat-based malware analysis\n- Sandbox support based on Docker and VirtualBox\n- Real-time event streaming via the MCP server\n- Supports various operating systems (Windows, Linux)\n- Memory dump analysis and malware sample execution\n\n## Getting Started\nFollow the steps below to install and run VIBE Sandbox.\n\n### Prerequisites\n- Python 3.11 or higher\n- uv (Python package manager)\n- Docker (Windows users need Docker Desktop)\n- VirtualBox\n\n### Installation \u0026 Run\n1. Clone the repository:\n    ```bash\n    git clone git@github.com/capelabs/vibe-sandbox.git\n    cd vibe-sandbox\n    ```\n2. Install and sync uv (for virtualbox-mcp-server):\n    ```bash\n    pip install uv\n    cd virtualbox-mcp-server\n    uv sync\n    ```\n3. Start the server with Docker Compose:\n    ```bash\n    docker compose up -d\n    ```\n4. Start the virtual machine in VirtualBox and run the setup script for your OS with Administrator privileges:\n    - **Windows**: `setup-windows.bat`\n    - **Linux**: `setup-linux.sh`\n\n    \u003e **Note:**\n    \u003e When prompted for the logstash address during setup, use `10.0.2.2:5044` (for Windows) or `http://10.0.2.2:5045` (for Linux). This allows the VM to communicate with the logstash service running on the host machine.\n\n#### Additional Configuration \u0026 Tips\n\n- **Running the Virtualbox MCP Server**\n  - To run the Virtualbox-based MCP server using uv, use the following command:\n    ```bash\n    uv run python main.py\n    ```\n    (Working directory: `virtualbox-mcp-server/`)\n\n- **Registering Environment Variables (Windows)**\n  - Add the VirtualBox installation path (e.g., `C:\\Program Files\\Oracle\\VirtualBox`) to your system `PATH` environment variable.\n  - How to: [Edit system environment variables] → [Environment Variables] → Edit `Path` under System variables → Add the VirtualBox installation path\n\n##### Example Workflow\n1. Use the agent installed in the sandbox VM to deliver and execute commands\n2. Analysis results and events are delivered to the client in real time via the MCP server\n\n## Connecting to the MCP Server\nOnce the server is running, you can connect to the MCP server from clients such as Cursor.\n\n### Cursor MCP Configuration Example\nAdd the `mcp.json` file to Cursor's MCP settings. This file contains the VIBE Sandbox MCP server information:\n```json\n{\n  \"mcpServers\": {\n    \"volatility3\": {\n      \"url\": \"http://localhost:8000/sse\"\n    },\n    \"virtualbox\": {\n      \"url\": \"http://localhost:9000/sse\"\n    },\n    \"opensearch\": {\n      \"url\": \"http://localhost:9200/_plugins/_ml/mcp/sse?append_to_base_url=true\",\n      \"headers\": {\n        \"Content-Type\": \"application/json\",\n        \"Accept-Encoding\": \"identity\"\n      }\n    }\n  }\n}\n```\n\n## Contribution\nThis project is open-source. Feel free to leave feedback or contribute via issues and PRs.\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcapelabs%2Fvibe-sandbox","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fcapelabs%2Fvibe-sandbox","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fcapelabs%2Fvibe-sandbox/lists"}