How to add a custom python script to the plugins on the CAS device.

A virtual CAS does not have malware analysis hardware and will not be able to support plugins.

Using SSH or a console connection, log into the CLI of the CAS.

Create an auth token from the CAS with the command:

• ma-actions api-key create user admin role administrator

*** NOTE: You will want to store this key as there is no way to recover it, you can only create new ones. ***

Once you have the auth token, you can generate the POST using curl with the command:

• curl -k -X POST --form [email protected]_filename.py --form owner=_SYSTEM_ --form resource_magic=system:plugin:ivm -H 'X-API-TOKEN: your_auth_token' https://your-cas-ip:8082/rapi/samples/resources

Replace:

1.   "plugin_filename" with the name of your plugin file.
2.   "your_auth_token" with the token generated earlier in the process
3.   "your-cas-ip" with the IP address of your CAS

Once you run this command you should see a succesfull JSON response.

After recieving the successful JSON response you will find your custom plugin in the plugin management section of the CAS (Malware Analysis -> Task Settings -> Plugins)