Adding Argus Flow Capture to the Cuckoo Sandbox

David Edelman dedelman at iname.com
Mon Jun 23 17:52:48 EDT 2014


I'll create a README file later this evening. 

I've spoken with some cuckoo users who are interested and I'll ask on the community wiki. 

Dave 


> On Jun 23, 2014, at 15:06, Carter Bullard <carter at qosient.com> wrote:
> 
> Hey Dave,
> Definitely will make it available.
> How about putting the txt file as a CUCKOO.README file in argus/support/, putting it in
> either the Deployment, or the Startup directory??
> 
> Do you think the Cuckoo group would be interested ???
> 
> Carter
> 
>> On Jun 22, 2014, at 2:37 PM, David Edelman <dedelman at iname.com> wrote:
>> 
>> The Cuckoo sandbox already has the ability to use tcpdump to capture traffic between the sandbox and the network, and Argus is very good about digesting pcap files, but I thought that I would try to create a native Argus capability and, for reasons that I can’t understand, it worked.
>> 
>> The attached document has the specifics.
>> 
>> Carter, please feel free to add this to the distribution, but you probably need to look at and modify the boilerplate at the top of the Argus.py module.
>> 
>> --Dave <<...>>
>> 
>> <Argus for Cuckoo Sandbox.txt>
> 