Access point simulating Internet services for malware analysis [closed]

Çağlar Arlı

I'm currently developing a project for dynamic analysis of mobile malware. To do this, I connect the infected mobile device to a Wi-Fi access point and I collect all the network traffic, which I pass to Snort. This Wi-Fi access point is in fact a simple Raspberry Pi which, for the moment, allows all the traffic generated by the malware to be redirected to the Internet.

My problem is that I'd like to be able to analyse the network traffic without the malware taking the opportunity to exfiltrate information or communicate with a Command & Control (C&C) channel. To do this, I explored the various existing tools for simulating Internet services and found two tools, FakeNet-NG and INetSim. In the first case, FakeNet-NG must be installed on the same machine as the malware, which doesn't suit my environment. And in the second case, INetSim must be installed on a different virtual machine to the one analysing the malware, which doesn't fit my case either.

To sum up, I was wondering if there is a tool that I could use to simulate Internet services from an access point, bearing in mind that I'd like to recover the network traffic so that I can analyse it later.