SANS ISC: Run Extracted binaries from mirror traffic on cuckoo - SANS Internet Storm Center SANS ISC InfoSec Forums

Run Extracted binaries from mirror traffic on cuckoo
Hi, Folks

Is there any way to run extracted binaries from mirror traffic on Cuckoo? Please advise.
ching

1 Posts
I'm not sure I understand what you are trying to achieve. You mean to extract files from a network capture and pass them to Cuckoo?
If it's this scenario, I'd have a look at Bro + Cuckoo.
Bro can extract files from live traffic or PCAP files and store them in a directory. Then write a script to pull files from this directory and feed Cuckoo.
Anonymous

ISC Handler
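
A sketch of the "script to pull files from this directory and feed Cuckoo" step described in the reply above, added here as an example and not code from the original posters. The extraction directory, the API address (Cuckoo's REST API on port 8090, no API token), the PE-only filter and the 5-second settle time are assumptions to adjust for your setup.

```python
import hashlib, json, os, time, urllib.request, uuid

EXTRACT_DIR = "/opt/bro/extract_files"  # assumption: where Bro writes extracted files
CUCKOO_API = "http://127.0.0.1:8090/tasks/create/file"  # assumption: local Cuckoo REST API
MIN_AGE = 5  # seconds without modification, so half-written extractions are skipped

def is_pe(path):
    """True for files starting with the MZ magic (assumed filter for 'binaries')."""
    with open(path, "rb") as fh:
        return fh.read(2) == b"MZ"

def sha256(path):
    with open(path, "rb") as fh:
        return hashlib.sha256(fh.read()).hexdigest()

def submit_to_cuckoo(path, api=CUCKOO_API):
    """POST the sample as multipart field 'file'; returns the Cuckoo task id."""
    boundary = uuid.uuid4().hex
    with open(path, "rb") as fh:
        data = fh.read()
    head = (f'--{boundary}\r\nContent-Disposition: form-data; name="file"; '
            f'filename="{os.path.basename(path)}"\r\n'
            "Content-Type: application/octet-stream\r\n\r\n").encode()
    body = head + data + f"\r\n--{boundary}--\r\n".encode()
    # If your Cuckoo API enforces a token, add an "Authorization: Bearer ..." header.
    req = urllib.request.Request(api, data=body, headers={
        "Content-Type": f"multipart/form-data; boundary={boundary}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)["task_id"]

def feed(directory, seen, submit=submit_to_cuckoo, now=None):
    """Submit each new, fully written PE file once; returns {sha256: task_id}."""
    now = time.time() if now is None else now
    submitted = {}
    for name in sorted(os.listdir(directory)):
        path = os.path.join(directory, name)
        if (not os.path.isfile(path) or now - os.path.getmtime(path) < MIN_AGE
                or not is_pe(path)):
            continue
        digest = sha256(path)
        if digest in seen:
            continue  # same binary seen again on the wire; do not re-analyse
        submitted[digest] = submit(path)  # raises on failure, so it is retried later
        seen.add(digest)
    return submitted

if __name__ == "__main__":
    seen = set()
    while True:  # poll the extraction directory
        print(feed(EXTRACT_DIR, seen))
        time.sleep(10)
```

Deduplicating by hash matters on mirrored traffic, where the same download is often seen many times; the `seen` set is in memory only, so persist it if the script is restarted regularly.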