Cape Sandbox

CAPE Sandbox is open-source software for automating the analysis of suspicious files. It provides comprehensive malware analysis capabilities, including behavioral analysis, memory forensics, and network traffic capture.

What does this pack do?

This pack includes the Cape Sandbox integration that enables you to:

Cape Sandbox Integration

  • Submit files for analysis - Upload suspicious files to CAPE Sandbox for automated malware analysis, including support for PCAP files.
  • Submit URLs for analysis - Analyze potentially malicious URLs in a controlled sandbox environment.
  • Retrieve analysis reports - Access detailed analysis reports in multiple formats (JSON, MAEC, metadata, lite).
  • Download artifacts - Download samples, PCAP files, and screenshots from completed analyses.
  • Manage analysis tasks - List, view, and delete analysis tasks.
  • Monitor sandbox status - Check the operational status of CAPE/Cuckoo machines and overall system health.
  • View file information - Query file details by Task ID, MD5, or SHA256 hash.

For more information

PUBLISHER

PLATFORMS

Cortex XSOAR, Cortex XSIAM

INFO

Certification
Supported By: Cortex
Created: November 11, 2025
Last Release: April 30, 2026
Malware
Threat Intelligence Management
Incident Response