multiscanner v2.0.0rc1 releases: Modular file scanning/analysis framework
MultiScanner is a file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools and aggregating the output. Tools can be custom-built Python scripts, web APIs, software running on another machine, etc. Tools are incorporated by creating modules that run in the MultiScanner framework.
Modules are designed to be quickly written and easily incorporated into the framework. Currently written and maintained modules are related to malware analytics, but the framework is not limited to that scope. For a list of modules, you can look in modules/. Descriptions and config options can be found on the Analysis Modules page.
It also supports a distributed workflow for sample storage, analysis, and report viewing. This functionality includes a web interface, a REST API, a distributed file system (GlusterFS), distributed report storage/searching (Elasticsearch), and distributed task management (Celery / RabbitMQ). Please see Architecture for more details.
An installer script, install.sh, is included in the project; it installs the prerequisites on most systems.
- Additional updates to the 2.0 release.
$ git clone https://github.com/mitre/multiscanner.git
$ cd multiscanner
$ sudo -HE ./install.sh
$ python multiscanner.py init
Copyright (c) 2015, The MITRE Corporation. All rights reserved.