Cuckoo-Modified-API Logo

Cuckoo-Modified-API

0
Free
Visit Website

A Python library to interface with a cuckoo-modified instance. This library interfaces with the Cuckoo malware sandbox at: https://github.com/spender-sandbox/cuckoo-modified. It can be used either with the Django web front end or the api.py script in utils. Installation: pip install git+https://github.com/keithjjones/cuckoo-modified-api.git ...or... pip install cuckoo-modified-api. Usage: You can load this module like any other module. As an example to submit a sample to Cuckoo: Python 2.7.12 (v2.7.12:d33e0cf91556, Jun 27 2016, 15:24:40) [MSC v.1500 64 bit (AMD64)] on win32 Type 'help', 'copyright', 'credits' or 'license' for more information. >>> import CuckooAPI >>> api = CuckooAPI.CuckooAPI('10.0.0.144') >>> api.submitfile('malware.exe') {u'url': [u'http://example.tld/submit/status/3/'], u'data': {u'task_ids': [3], u'message': u'Task ID 3 has been submitted'}, u'error': False} >>> More information about each function call is below. This is the standard Django web interface API. You can also interface with the api.py script, if you don't have Django running for example, from Cuckoo by setting the following API characteristics.

FEATURES

ALTERNATIVES

YARA rules for ProcFilter to detect malware and threats

A malware/botnet analysis framework with a focus on network analysis and process comparison.

Collection of slides, materials, demos, crackmes, and writeups from r2con-2017 conference.

Python wrapper for Android APK decompilation with various converter and decompiler options.

A write-up of the reverse engineering challenge from the 2019 BambooFox CTF competition

A de-obfuscator for M/o/Vfuscator, a notorious obfuscator, designed to reverse the effects of M/o/Vfuscator's obfuscation.

A Burp extension to check JWT tokens for potential weaknesses

TeamTNT is modifying its malicious shell scripts after they were made public by security researchers.