legal contact rss
 

install (the easy way)

A good HowTo: https://www.linkedin.com/pulse/open-source-malware-analysis-system-recipe-bruno-guerreiro-

Cucko Mail HowTo: https://blog.rootshell.be/2012/06/20/cuckoomx-automating-email-attachments-scanning-with-cuckoo/

A very, very easy way to setup your Cuckoo instance is using a docker file.

I used this one in the past: https://github.com/jgajek/cuckoo-docker.git

Thanks to jqajek by the way...  :-)

apt install docker-compose
cd /opt
git clone https://github.com/jgajek/cuckoo-docker.git
cd /opt/cuckoo-docker
change in dcoker.compose.yml to be 1.3-Optiv instead of 1.3-NG
docker-compose pull
docker-compose up

And now you have

  • Modified Cuckoo malware sandbox from Spender (https://github.com/spender-sandbox)
  • Django web UI behind nginx reverse proxy
  • vSphere machinery module
  • Tor transparent proxy
  • Suricata with ET ruleset
  • docker-compose file for easy creation and destruction of containers