Tribal Chicken

Security. Malware Research. Digital Forensics.

Automated malware analysis: Mail server -> Cuckoo

Thomas White • 17 Oct 2014 • Tags: cuckoo, email, malware, script

Here’s something I threw together over a beer. Some real basic bash scripts to automatically submit anything that is quarantined by the mail server to my Cuckoo Sandbox instance for analysis. I’m sure there are much more graceful ways to do this, but hey, it works: Quarantine on the mail server is carried…

About

I'm an Australian who does tech and security stuff. When not at my full-time job, I do independent DFIR / InfoSec / Malware research.

This site acts as an informal outlet for some of my personal work.

Most popular articles:

  1. Recovering BitLocker Keys on Windows 8.1 and 10: A brief touch on how the changes to BitLocker after
  2. Extracting FileVault 2 Keys with Volatility: This is a volatility plugin which can recover FileVault 2
  3. Automated Malware Analysis: mail server -> Cuckoo, V2.0: Quite some time ago I slapped together a couple of
  4. Hunting malware through memory analysis: A word of warning… Lots of screenshots in this post.

Disclaimer: The views expressed here are my own and do not necessarily reflect those of my current or past employers, affiliations, cats, etc.

Powered by: Ghost, Nginx and FreeBSD. Content powered by coffee. Ideas powered by beer, which you are welcome to donate if I've helped you.