Just recently, I started a new project alongside my studies. Here at school, we plug USB drives in and out all the time and... there's a little virus going around.
So I came up with a simple idea: sandbox the USB drive and only retrieve the files you actually want from it.
That's how I started coding Quartzine, a sandbox for USB drives. You plug in the USB drive, Quartzine detects it, creates a virtual machine, passes the USB through to the VM, you do your stuff and... that's all I originally had in mind.
Nevertheless, since I'm not really someone who focuses on the present, I decided to go further: integrate malware analysis into it using eBPF (through bpftrace).
That led me to learning bpftrace, and I'm still doing that haha.
If you want to take a look, here's where the code lives:
https://github.com/Mathos6/Quartzine (The project isn't fully functional yet, but I think it'll be by the end of the summer.)
I'd love to hear what you think about it, things I could improve, things I should rethink, etc.