
Releases: mitre/multiscanner

2.0.0

28 Jan 18:56
86e0145

MultiScanner 2.0 includes a large refactor of the code base to better support Python packaging and imports.

Other changes include:

  • migration to Elasticsearch 6 for distributed mode
  • multiselect file download
  • API /storage stability improvements (#74)
  • add tags at upload (#122)
  • add module for Endgame's Ember benchmark model
  • updates to Docker image
  • several bug fixes

2.0.0rc1

21 Dec 22:24
84a7bf5
Pre-release

Additional updates to the 2.0 release.

2.0.0rc0

11 Oct 18:50
Pre-release

MultiScanner 2.0 includes a large refactor of the code base to better support Python packaging and imports, migration to Elasticsearch 6 for distributed mode, and several bug fixes.

Note: This release includes several breaking changes, and support for ES5 -> ES6 is not currently available. If using MultiScanner in distributed mode, redeployment is recommended.

1.2.0

01 May 16:03
  • Celery worker fixes
  • Add support for STIX 2 output
  • Add system monitoring and health to web UI

1.1.1

15 Mar 18:10
7fb07b5

Hot fix for NSRL module bug.

1.1.0

12 Mar 20:11
09004f7

This release includes several feature enhancements, improved resiliency of the Celery workers, and a massive PEP 8 code cleanup. Additionally, the feature-celery branch has been merged with the master branch. Future enhancements to Distributed MultiScanner will be tracked in the master branch.

Initial Release of Distributed MultiScanner

31 Jan 15:45
a91dfcf

MultiScanner is an open source file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools for the user and aggregating the output. Tools can be custom-built Python scripts, web APIs, software running on another machine, etc. With a modular plugin architecture and a scalable Elasticsearch backend, this framework is designed to handle any amount of malware storage, analysis, and reporting, as well as enable advanced analytics on the outputs of your malware tools. The entire ecosystem (report storage, sample storage, worker nodes, queue/task management system, web/REST services) is deployed via Ansible (https://github.com/mitre/multiscanner-ansible). The true power of this system is that it stores all the outputs from all of an analyst's malware analysis tools in one highly performant, searchable and scalable data store. Elasticsearch allows for full-text searching across all your reports and modules. This allows fast access to interesting details from your malware analysis tools, pivoting between samples, and powerful analytics on report output.