stoQ plugin that scans payloads using Falcon Sandbox
All options below may be set by:
-
sandbox_url[str]: URL for Falcon Sandbox -
apikey[str]: Falcon Sandbox API key -
useragent[str]: User Agent to use for request -
wait_for_results[True/False]: Wait for analysis to complete before returning results -
delay[int]: Time in seconds to wait between checking for completed results -
max_attempts[int]: Maximum amount of attempts to retrieve results -
environment_id[int]: Analysis environment to useAvailable environments ID:
- 300: 'Linux (Ubuntu 16.04, 64 bit)',
- 200: 'Android Static Analysis’,
- 160: 'Windows 10 64 bit’,
- 110: 'Windows 7 64 bit’,
- 100: ‘Windows 7 32 bit’