Threat Level: green Handler on Duty: Brad Duncan

SANS ISC: Run Extracted binaries from mirror traffic on cuckoo - SANS Internet Storm Center SANS ISC InfoSec Forums

Participate: Learn more about our honeypot network
https://isc.sans.edu/honeypot.html

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
Run Extracted binaries from mirror traffic on cuckoo
Hi, Folks

Is there any way to run extracted binaries from mirror traffic on cuckoo ? Please advise. 		ching

1 Posts
thread locked Quote Subscribe Feb 6th 2019
3 years ago
I'm not sure to understand what you try to achieve. You mean to extract files from a network capture and pass them to Cuckoo?
If it's this scenario, I'd have a look at Bro + Cuckoo.
Bro can extract files from live traffic or PCAP files and store them in a directory. Then write a script to pull files from this directory and feed Cuckoo. 		Anonymous

-
ISC Handler
Thread locked. Quote Feb 6th 2019
3 years ago

Sign Up for Free or Log In to start participating in the conversation!