Run Extracted binaries from mirror traffic on cuckoo
Hi, Folks

Is there any way to run extracted binaries from mirror traffic on cuckoo ? Please advise.

1 Posts
I'm not sure to understand what you try to achieve. You mean to extract files from a network capture and pass them to Cuckoo?
If it's this scenario, I'd have a look at Bro + Cuckoo.
Bro can extract files from live traffic or PCAP files and store them in a directory. Then write a script to pull files from this directory and feed Cuckoo.

ISC Handler

Sign Up for Free or Log In to start participating in the conversation!