Closed tacticalrce closed 9 years ago
It's on our todo list. Mark and Claudio had some progress on this through "diffing" reports in the browser and I'm handling it as part of the monitor itself as well. The final result would hopefully become a fully stripped down report with only the useful stuff (i.e., exploit attempts etc.).
Going to need some more work though, so stay tuned.
We'll readdress this at the appropriate time. For the moment cleaning the tickets.
It might be nice for Cuckoo to support the idea of removing extraneous data. For instance, when analyzing a potentially malicious Word document, perhaps the standard winword startup sequence could be hidden (optionally) based on a known-good "template" of executing a clean Word document.
The same goes for network traffic (e.g., Microsoft Update, or UPnP, etc.). Although much of this can be disabled, in the long run it might be effective to filter it out of displayed results (again, optionally).
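The known-good "template" idea from the request above, sketched as an added example; it is not Cuckoo code and not from anyone in this thread. The event schema (`process`/`api`/`args`), the helper names and all sample events are assumptions constructed for illustration, not Cuckoo's report format.

```python
import re

# Substrings that vary between runs and would defeat exact matching.
VOLATILE = [
    (re.compile(r"c:\\users\\[^\\]+"), lambda m: "c:\\users\\<user>"),
    (re.compile(r"~\w+\.tmp"), "<tmpfile>"),
    (re.compile(r"0x[0-9a-f]+"), "<hex>"),
]

def normalize(value):
    text = str(value).lower()
    for pattern, repl in VOLATILE:
        text = pattern.sub(repl, text)
    return text

def signature(event):
    """Run-independent identity of one event (assumed schema: process/api/args)."""
    args = tuple(sorted((k, normalize(v)) for k, v in event["args"].items()))
    return (event["process"].lower(), event["api"], args)

def split_by_baseline(sample_events, baseline_events):
    """Return (kept, hidden): hidden events also occurred in the clean run."""
    known_good = {signature(e) for e in baseline_events}
    kept, hidden = [], []
    for event in sample_events:
        (hidden if signature(event) in known_good else kept).append(event)
    return kept, hidden

def ev(api, **args):
    return {"process": "WINWORD.EXE", "api": api, "args": args}

# Constructed data: run of a clean document (the "template") ...
BASELINE = [
    ev("NtCreateFile", path=r"C:\Users\alice\AppData\Local\Temp\~WRD0001.tmp"),
    ev("RegOpenKeyExW", key=r"HKCU\Software\Microsoft\Office\16.0\Word", handle="0x1a4"),
    ev("connect", host="update.example.test"),
]
# ... and run of the document under analysis, on a different guest.
SAMPLE = [
    ev("NtCreateFile", path=r"C:\Users\bob\AppData\Local\Temp\~WRD0032.tmp"),
    ev("RegOpenKeyExW", key=r"HKCU\Software\Microsoft\Office\16.0\Word", handle="0x2b8"),
    ev("connect", host="update.example.test"),
    ev("CreateProcessInternalW", command_line="cmd.exe"),
    ev("connect", host="203.0.113.10"),
]

if __name__ == "__main__":
    kept, hidden = split_by_baseline(SAMPLE, BASELINE)
    print(f"{len(hidden)} baseline events hidden, {len(kept)} kept:")
    for e in kept:
        print(" ", e["api"], e["args"])
```

Hidden events are returned rather than dropped, so the filtering stays optional and reversible in the display. A baseline hides anything the clean run also did, so it should be recorded from trusted documents on the same guest image.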