
Initial Release of Distributed MultiScanner

@awest1339 awest1339 released this 31 Jan 15:45
· 180 commits to feature-celery since this release
a91dfcf

MultiScanner is an open source file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools and aggregating their output. Tools can be custom-built Python scripts, web APIs, software running on another machine, etc. With a modular plugin architecture and a scalable Elasticsearch backend, the framework is designed to handle any amount of malware storage, analysis, and reporting, and to enable advanced analytics on the outputs of your malware tools. The entire ecosystem (report storage, sample storage, worker nodes, queue/task management system, web/REST services) is deployed via Ansible (https://github.com/mitre/multiscanner-ansible). The true power of this system is that it stores all the outputs from all of an analyst's malware analysis tools in one highly performant, searchable and scalable data store. Elasticsearch allows full-text searching across all your reports and modules, giving fast access to interesting details from your malware analysis tools, pivoting between samples, and powerful analytics on report output.
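To make the "custom-built Python scripts" part of the plugin architecture concrete, here is an added example of what a simple analysis module looks like. It is illustrative code written for this page, not a module shipped with the release. It assumes MultiScanner's module convention of a `check()` function (can this module run?) and a `scan(filelist)` function returning `(results, metadata)`, where `results` is a list of `(filename, output)` pairs; that convention and the `TYPE`/`NAME`/`DEFAULTCONF` names are assumptions, not stated on the release page. The module computes hashes, size and byte entropy, which is the kind of cheap metadata an analyst later pivots on in Elasticsearch (high entropy is a common hint that a sample is packed or encrypted).

```python
"""Example MultiScanner-style module (added illustration, not part of the release).

Assumed module convention: check() says whether the module can run, and
scan(filelist) returns (results, metadata) with results as (filename, output)
pairs. The framework itself, and the real convention, are not on this page.
"""
import hashlib
import math
import os
import tempfile
from collections import Counter

TYPE = "Metadata"          # category the framework groups this output under (assumed)
NAME = "FileStats"         # key the output appears under in the aggregated report (assumed)
DEFAULTCONF = {"ENABLED": True}


def check(conf=DEFAULTCONF):
    """Return True when prerequisites are met; this module is pure Python."""
    return bool(conf.get("ENABLED", True))


def shannon_entropy(data):
    """Bits per byte: 0.0 for empty or constant input, 8.0 for uniform bytes."""
    if not data:
        return 0.0
    counts = Counter(data)
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def analyze_bytes(data):
    """Per-file output: hashes for pivoting, size, and entropy as a packing hint."""
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "md5": hashlib.md5(data).hexdigest(),
        "size": len(data),
        "entropy": round(shannon_entropy(data), 4),
    }


def scan(filelist, conf=DEFAULTCONF):
    """Scan each path; an unreadable file is skipped instead of aborting the batch."""
    results = []
    for fname in filelist:
        try:
            with open(fname, "rb") as fh:
                data = fh.read()
        except OSError:
            continue
        results.append((fname, analyze_bytes(data)))
    metadata = {"Name": NAME, "Type": TYPE, "Include": False}
    return results, metadata


def write_constructed_sample(directory=None):
    """Write a small constructed (non-malicious) sample file; returns its path."""
    directory = directory or tempfile.mkdtemp()
    path = os.path.join(directory, "sample.bin")
    with open(path, "wb") as fh:
        # "MZ" header followed by padding and the familiar DOS stub string
        fh.write(b"MZ" + b"\x00" * 62 + b"This program cannot be run in DOS mode.")
    return path


if __name__ == "__main__":
    sample = write_constructed_sample()
    # The missing path shows the skip-on-error behaviour without crashing the run.
    results, metadata = scan([sample, "/nonexistent/missing.bin"])
    print(metadata)
    for fname, out in results:
        print(fname, out)
```

In a real deployment the framework, not the module, decides which files reach `scan()` and where the `(filename, output)` pairs are stored; the module only has to be deterministic and tolerant of unreadable input so one bad sample does not poison a whole batch.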