Here is the list of Concourse CI pipelines created for the CinCan project.
The pipelines are downloadable at GitLab.
You can set up the pilot environment and pipelines with the instructions at our GitLab wiki page. README.md
| Pipeline name | Tools used | Description |
|---|---|---|
| cuckoo-pipeline | Cuckoo sandbox | Cuckoo will provide a detailed report outlining the behavior of files uploaded to a GitLab repository. |
| document-pipeline | ClamAV / PDFiD / PeePDF / JSunpack-n / shellcode / strings / oledump / olevba | The pipeline clones the samples from a GitLab repo, sorts the files into PDFs and other documents, and then runs the appropriate tools on the sample files. Watch the VIDEO |
| MISP-integration | | Example script that uses MISP zmq to listen for events with relevant attachments that could be further analysed with some CinCan pipeline. |
| pdf-pipeline | PDFiD / PeePDF / JSunpack-n / shellcode analysis | The pipeline polls for new files at a GitLab repo, analyses the documents and writes the results to another branch of the repo. |
| virustotal-pipeline | Suricata / iocextract / Virustotal | This pipeline consumes pcap files from s3 resource compatible storage, archives the pcaps and analyzes the files with Suricata and Virustotal. |
| volatility-pipeline-1 | Volatility | Concourse pipeline that uses Volatility to find hidden processes and export their executables to a git repo. |