{"id":13529931,"url":"https://github.com/mitre/multiscanner","last_synced_at":"2025-04-04T16:16:23.907Z","repository":{"id":30322748,"uuid":"33875018","full_name":"mitre/multiscanner","owner":"mitre","description":"Modular file scanning/analysis framework","archived":false,"fork":false,"pushed_at":"2019-10-08T14:12:14.000Z","size":6377,"stargazers_count":611,"open_issues_count":38,"forks_count":126,"subscribers_count":59,"default_branch":"master","last_synced_at":"2024-05-23T06:51:01.151Z","etag":null,"topics":["analysis-framework","analytic-machines","antivirus","cuckoo","linux","malware","malware-analysis","malware-analyzer","malware-research","metadata","python","python-script","scanning","yara"],"latest_commit_sha":null,"homepage":"http://multiscanner.readthedocs.io/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mitre.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2015-04-13T14:58:48.000Z","updated_at":"2024-05-19T09:13:01.000Z","dependencies_parsed_at":"2022-08-08T22:15:13.379Z","dependency_job_id":null,"html_url":"https://github.com/mitre/multiscanner","commit_stats":null,"previous_names":[],"tags_count":7,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre%2Fmultiscanner","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre%2Fmultiscanner/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre%2Fmultiscanner/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mitre%2Fmultiscanner/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mitre","download_url":"https://codeload.github.com/mitre/multiscanner/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":247208183,"owners_count":20901570,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["analysis-framework","analytic-machines","antivirus","cuckoo","linux","malware","malware-analysis","malware-analyzer","malware-research","metadata","python","python-script","scanning","yara"],"created_at":"2024-08-01T07:00:40.934Z","updated_at":"2025-04-04T16:16:23.888Z","avatar_url":"https://github.com/mitre.png","language":"Python","readme":"MultiScanner\n============\n[![Build Status](https://travis-ci.org/mitre/multiscanner.svg)](https://travis-ci.org/mitre/multiscanner)\n\nIntroduction\n------------\nMultiScanner is a file analysis framework that assists the user in evaluating a set\nof files by automatically running a suite of tools for the user and aggregating the output.\nTools can be custom built Python scripts, web APIs, software running on another machine, etc.\nTools are incorporated by creating modules that run in the MultiScanner framework.\n\nModules are designed to be quickly written and easily incorporated into the framework.\nCurrently written and maintained modules are related to malware analytics, but the framework is not limited to that\nscope. For a list of modules you can look in [modules/](modules). Descriptions and config\noptions can be found on the [Analysis Modules](http://multiscanner.readthedocs.io/en/latest/use/use-analysis-mods.html) page.\n\nMultiScanner also supports a distributed workflow for sample storage, analysis, and\nreport viewing. This functionality includes a web interface, a REST API, a distributed\nfile system (GlusterFS), distributed report storage / searching (Elasticsearch), and\ndistributed task management (Celery / RabbitMQ). Please see [Architecture](http://multiscanner.readthedocs.io/en/latest/arch.html) for more details.\n\nUsage\n-----\n\nMultiScanner can be used as a command-line interface, a Python API, or a\ndistributed system with a web interface. See the documentation for more detailed\ninformation on [installation](http://multiscanner.readthedocs.io/en/latest/install.html) and [usage](http://multiscanner.readthedocs.io/en/latest/use/index.html).\n\n### Command-Line ###\n\nInstall Python (2.7 or 3.4+) if you haven't already.\n\nThen run the following (substituting the actual file you want to scan for `\u003cfile\u003e`):\n\n``` bash\n$ git clone https://github.com/mitre/multiscanner.git\n$ cd multiscanner\n$ sudo -HE ./install.sh\n$ multiscanner init\n```\n\nThis will generate a default configuration for you. Check `config.ini` to see what\nmodules are enabled. See [Configuration](http://multiscanner.readthedocs.io/en/latest/install.html#configuration) for more information.\n\nNow you can scan a file (substituting the actual file you want to scan for `\u003cfile\u003e`):\n\n``` bash\n$ multiscanner \u003cfile\u003e\n```\n\nYou can run the following to get a list of all of MultiScanner's command-line options:\n\n``` bash\n$ multiscanner --help\n```\n\n**Note**: If you are not on a RedHat or Debian based Linux distribution, instead of\nrunning the `install.sh` script, install pip (if you haven't already) and run the\nfollowing:\n\n``` bash\n$ pip install -r requirements.txt\n```\n\n### Python API ###\n\n``` python\nimport multiscanner\nmultiscanner.config_init(filepath)\noutput = multiscanner.multiscan(file_list)\nresults = multiscanner.parse_reports(output, python=True)\n```\n\n### Web Interface ###\n\nInstall the latest versions of [Docker](https://docs.docker.com/engine/installation/)\nand [Docker Compose](https://docs.docker.com/compose/install/) if you haven't already.\n\n``` bash\n$ git clone https://github.com/mitre/multiscanner.git\n$ cd multiscanner\n$ docker-compose up\n```\n\nYou may have to wait a while until all the services are up and running, but then you\ncan use the web interface by going to `http://localhost:8000` in your web browser.\n\n*Note*: this should not be used in production; it is simply an introduction to what a\nfull installation would look like. See [here](http://multiscanner.readthedocs.io/en/latest/install.html#standalone-docker-installation) for more details.\n\nDocumentation\n-------------\nFor more information, see the [full documentation](http://multiscanner.readthedocs.io/) on ReadTheDocs.\n","funding_links":[],"categories":["Detection and Classification","\u003ca id=\"8f92ead9997a4b68d06a9acf9b01ef63\"\u003e\u003c/a\u003e扫描器\u0026\u0026安全扫描\u0026\u0026App扫描\u0026\u0026漏洞扫描","Automation","Tools","Python","Python (1887)","自动化工具","\u003ca id=\"132036452bfacf61471e3ea0b7bf7a55\"\u003e\u003c/a\u003e工具","Malware Analysis","Automation and Convention"],"sub_categories":["Other Resources","\u003ca id=\"de63a029bda6a7e429af272f291bb769\"\u003e\u003c/a\u003e未分类-Scanner","Code libraries and bindings","代码库和绑定","Hashing"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmitre%2Fmultiscanner","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmitre%2Fmultiscanner","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmitre%2Fmultiscanner/lists"}