Cuckoo-Modified-API Logo

Cuckoo-Modified-API

0
Free
Visit Website

A Python library to interface with a cuckoo-modified instance. This library interfaces with the Cuckoo malware sandbox at: https://github.com/spender-sandbox/cuckoo-modified. It can be used either with the Django web front end or the api.py script in utils. Installation: pip install git+https://github.com/keithjjones/cuckoo-modified-api.git ...or... pip install cuckoo-modified-api. Usage: You can load this module like any other module. As an example to submit a sample to Cuckoo: Python 2.7.12 (v2.7.12:d33e0cf91556, Jun 27 2016, 15:24:40) [MSC v.1500 64 bit (AMD64)] on win32 Type 'help', 'copyright', 'credits' or 'license' for more information. >>> import CuckooAPI >>> api = CuckooAPI.CuckooAPI('10.0.0.144') >>> api.submitfile('malware.exe') {u'url': [u'http://example.tld/submit/status/3/'], u'data': {u'task_ids': [3], u'message': u'Task ID 3 has been submitted'}, u'error': False} >>> More information about each function call is below. This is the standard Django web interface API. You can also interface with the api.py script, if you don't have Django running for example, from Cuckoo by setting the following API characteristics.

FEATURES

ALTERNATIVES

A PowerShell module for interacting with VirusTotal to analyze suspicious files and URLs.

A tool for translating Dalvik bytecode to Java bytecode for analyzing Android applications.

A comprehensive guide to malware analysis and reverse engineering, covering topics such as lab setup, debugging, and anti-debugging.

A tool for malware analysts to search through base64-encoded samples and generate yara rules.

A simple XSS scanner tool for identifying Cross-Site Scripting vulnerabilities

Java decompiler for modern Java features up to Java 14.

YARA rules for ProcFilter to detect malware and threats

YARA syntax highlighting for Gtk-based text editors

PINNED