-
Notifications
You must be signed in to change notification settings - Fork 20
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add mechanism to synthetically test entire pipeline #34
Comments
Exactly!
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
We could use a mechanism to make sure that the whole peekaboo/cuckoo pipeline works, ideally without submitting and including in the distribution any actual or test malware.
The vision is to have a custom community signature in cuckoo which accepts a random cookie upon job submit and then looks for exactly this cookie as an existing file of that name or a file of that content in a fixed location. Peekaboo could then submit that trigger file to cuckoo and thus test the whole pipeline from beginning to end.
The signature could be enabled all the time in cuckoo because peekaboo can control if and when it submits a test job with the signature's cookie parameter, e.g. when started in debug or a special system-test-on-startup mode. This would avoid a need for reconfiguration of any system components to test them.
This would replace the current PeekabooYar EICAR-signature-like approach.
Suggested by @Jack28.
The text was updated successfully, but these errors were encountered: