Anomy – Tor Anonymiser for Malware Analysis

When carrying out malware analysis or threat intelligence work, the ability to anonymise your activities is hugely beneficial. The purpose of Anomy is to reduce the time taken to cover your tracks.

It runs the specified command through a Tor SOCKS proxy, bouncing the connection through the Tor network, so that your information does not show up in the logs or records of the bad actor.

Whilst the initial scope of Anomy is to aid in Threat Hunting and Malware Analysis, there are likely many other use cases.

The project can be found here on GitHub, or by following the instructions below.

$ anomy -h
Usage: anomy [OPTION]... [URL]...
Mandatory arguments to long options are mandatory for short options too.
    -h,  --help                      print this help
    -w,  --wget                      wget download
    -s,  --ssh                       initiate ssh connection
    -f,  --ftp                       initiate ftp session
    -d,  --sftp                      initiate sftp session
    -t,  --telnet                    initiate telnet session

cd /opt
git clone
cd Anomy
sudo bash
cd /opt/Anomy
sudo bash

Update: 12/02/2021

Anomy is now included in the REMnux Toolkit for Malware Analysis. You can find a link to the documentation here.
