install (the easy way)
A good HowTo: https://www.linkedin.com/pulse/open-source-malware-analysis-system-recipe-bruno-guerreiro-
Cuckoo Mail HowTo: https://blog.rootshell.be/2012/06/20/cuckoomx-automating-email-attachments-scanning-with-cuckoo/
A very, very easy way to set up your Cuckoo instance is using a docker file.
I used this one in the past: https://github.com/jgajek/cuckoo-docker.git
Thanks to jgajek by the way... :-)
apt install docker-compose
cd /opt
git clone https://github.com/jgajek/cuckoo-docker.git
cd /opt/cuckoo-docker
In docker-compose.yml, change 1.3-NG to 1.3-Optiv.
docker-compose pull
docker-compose up
And now you have:
- Modified Cuckoo malware sandbox from Spender (https://github.com/spender-sandbox)
- Django web UI behind nginx reverse proxy
- vSphere machinery module
- Tor transparent proxy
- Suricata with ET ruleset
- docker-compose file for easy creation and destruction of containers