[analyzer] Cuckoo3

[mlodic]

https://github.com/cert-ee/cuckoo3

First Cuckoo 3 public instance: https://cuckoo-hatch.cert.ee/

This analyzer should support also private intances and no-https deployments.

This is the list of the API endpoints I found from some slides.

/submit/file Submit a file
/submit/platforms Fetch list of available VM platforms
/analysis/<analysis_id> Fetch overall report for analysis ID
/analysis/<analysis_id>/identification Fetch static file identification information for analysis ID
/analysis/<analysis_id>/pre Fetch static report for analysis IDCuckoo API
/analysis/<analysis_id>/task/<task_id> Fetch behavioural task report
/analysis/<analysis_id>/task/<task_id>/post Fetch post task behavioral report
/analysis/<analysis_id>/task/<task_id>/machine Fetch machine info of used machine
/analysis/<analysis_id>/task/<task_id>/pcap Download the PCAP
/analyses Fetch a list of analyses

Full docs

[devmrfitz]

@mlodic Do you recommend me to take this up now?

[mlodic]

I am not sure if the public site allows to configure an API key. It is possible that you would need to set up the entire Cuckoo3 and this is not feasible for now. I would skip this

[mlodic]

the project seems abandoned as soon as it started.