Simple Slack bot to submit hashes to a Cuckoo Sandbox instance.
-
Create a bot user in Slack and copy the OAuth credentials (https://api.slack.com/bot-users#creating-bot-user)
-
Set the environment variable for 'slack_client' with the OAuth credentials.
-
Set the environment variable for 'cuckoo' with the Cuckoo API URL.
-
If using Docker, fill these in the Dockerfile and build the container.
@bot submit <hash>
Cuckoo will use it's VTI key to download the hash given and return a taskid.
@bot status <taskid>
View the current status of the sample being analyzed
@bot score <taskid>
View the score given to the sample after processing. Will also provide any signature detection matches.
@bot health
View the current status/health of the API