Utilities

Cuckoo comes with a set of pre-built utilities to automatize several common tasks. You can find them in “utils” folder.

Cleanup utility

If you want to delete all history, analysis, data and begin again from the first task you need clean.sh utility.

Note

Running clean.sh will delete: analysis results, binaries, SQLite database (if used) and logs.

To clean your setup, run:

$ ./utils/clean.sh

This utility is designed to be used with Cuckoo (including API and web interface) not running.

If you are using a custom database (MySQL, PostgreSQL or SQLite in custom location) clean.sh doesn’t clean it, you have to take care of that.

Submission Utility

Submits sample to analysis. This tool is already described in Submit an Analysis.

Web Utility

Cuckoo’s web interface. This tool is already described in Submit an Analysis.

Processing Utility

Run the results processing engine and optionally the reporting engine (run all reports) on an already available analysis folder, in order to not re-run the analysis if you want to re-generate the reports for it. This is used mainly in debugging and developing Cuckoo. For example if you want run again the report engine for analysis number 1:

$ ./utils/process.py 1

If you want to re-generate the reports:

$ ./utils/process.py --report 1

Community Download Utility

This utility downloads signatures from Cuckoo Community Repository and installs specific additional modules in your local setup and for example update id with all the latest available signatures. Following are the usage options:

$ ./utils/community.py

usage: community.py [-h] [-a] [-s] [-p] [-m] [-r] [-f] [-w]

optional arguments:
  -h, --help            show this help message and exit
  -a, --all             Download everything
  -s, --signatures      Download Cuckoo signatures
  -p, --processing      Download processing modules
  -m, --machinemanagers
                        Download machine managers
  -r, --reporting       Download reporting modules
  -f, --force           Install files without confirmation
  -w, --rewrite         Rewrite existing files

Example: install all available signatures:

$ ./utils/community.py --signatures --force