Cuckoo

Cuckoo Package Description

Cuckoo Sandbox is a malware analysis system. You can throw any suspicious file at it and in a matter of seconds Cuckoo will provide you back some detailed results outlining what such file did when executed inside an isolated environment.

Cuckoo generates a handful of different raw data which include:

• Native functions and Windows API calls traces
• Copies of files created and deleted from the filesystem
• Dump of the memory of the selected process
• Full memory dump of the analysis machine
• Screenshots of the desktop during the execution of the malware analysis
• Network dump generated by the machine used for the analysis.

In order to make such results more consumable to the end users, Cuckoo is able to process them and generate different type of reports, which could include:

• JSON report
• HTML report
• MAEC report
• MongoDB interface
• HPFeeds interface

Source: http://www.cuckoosandbox.org/about.html
Cuckoo Homepage | Kali Cuckoo Repo

• Author: Cuckoo Sandbox Developers
• License: GPLv3

Tools included in the cuckoo package

cuckoo.py – Automated malware analysis system

The Cuckoo Sandbox.

Cuckoo Usage Example