Adding Argus Flow Capture to the Cuckoo Sandbox

David Edelman dedelman at iname.com
Sun Jun 22 14:37:57 EDT 2014


The Cuckoo sandbox already has the ability to use tcpdump to capture traffic
between the sandbox and the network, and Argus is very good about digesting
pcap files, but I thought that I would try to create a native Argus
capability and, for reasons that I can't understand, it worked.

The attached document has the specifics.

Carter, please feel free to add this to the distribution, but you probably
need to look at, and modify, the boilerplate at the top of the Argus.py
module.

--Dave 
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: Argus for Cuckoo Sandbox.txt
URL: <https://pairlist1.pair.net/pipermail/argus/attachments/20140622/7c1e95b4/attachment.txt>