Releases: mitre/multiscanner
2.0.0
MultiScanner 2.0 includes a large refactor of the code base to better support Python packaging and imports.
Other changes include:
2.0.0rc1
2.0.0rc0
MultiScanner 2.0 includes a large refactor of the code base to better support Python packaging and imports, migration to Elasticsearch 6 for distributed mode, and several bug fixes.
Note: This release includes several breaking changes, and support for migrating from ES5 to ES6 is not currently available. If you use MultiScanner in distributed mode, redeployment is recommended.
1.2.0
1.1.1
1.1.0
This release includes several feature enhancements, improved resiliency of the Celery workers, and a massive PEP 8 code cleanup. Additionally, the feature-celery branch has been merged into the master branch. Future enhancements to Distributed MultiScanner will be tracked in the master branch.
Initial Release of Distributed MultiScanner
MultiScanner is an open source file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools and aggregating the output. Tools can be custom-built Python scripts, web APIs, software running on another machine, etc. With a modular plugin architecture and a scalable Elasticsearch backend, this framework is designed to handle any amount of malware storage, analysis, and reporting, as well as to enable advanced analytics on the outputs of your malware tools. The entire ecosystem (report storage, sample storage, worker nodes, queue/task management system, web/REST services) is deployed via Ansible (https://github.com/mitre/multiscanner-ansible). The true power of this system is that it stores all the outputs from all of an analyst's malware analysis tools in one highly performant, searchable, and scalable data store. Elasticsearch allows full-text searching across all your reports and modules. This allows fast access to interesting details from your malware analysis tools, pivoting between samples, and powerful analytics on report output.