MultiScanner – Modular File Scanning/Analysis Framework


MultiScanner is a file analysis framework that assists the user in evaluating a set of files by automatically running a suite of tools for the user and aggregating the output. Tools can be custom-built Python scripts, web APIs, software running on another machine, and so on. Tools are incorporated by creating modules that run in the MultiScanner framework.
Modules are designed to be quickly written and easily incorporated into the framework. Currently written and maintained modules are related to malware analytics, but the framework is not limited to that scope. For a list of modules you can look in modules ^(https://draft.appmarsh.com/MITRECND/multiscanner/blob/master/modules); descriptions and config options can be found in docs/modules.md ^(https://draft.appmarsh.com/MITRECND/multiscanner/blob/master/docs/modules.md).

install.sh ^(https://draft.appmarsh.com/MITRECND/multiscanner/blob/master/install.sh), which installs the requirements on most systems.

Installation
MultiScanner
If you are running on a RedHat or Debian based Linux distribution you should try to run install.sh ^(https://draft.appmarsh.com/MITRECND/multiscanner/blob/master/install.sh). Otherwise the required Python packages are defined in requirements.txt ^(https://draft.appmarsh.com/MITRECND/multiscanner/blob/master/requirements.txt).
MultiScanner must have a configuration file to run. Generate the MultiScanner default configuration by running python multiscanner.py init after cloning the repository. This command can be used to rewrite the configuration file to its default state or, if new modules have been written, to add their configuration to the configuration file.
Analytic Machine
Default modules have the option to be run locally or via SSH. The development team runs MultiScanner on a Linux host and hosts the majority of analytical tools on a separate Windows machine. The SSH server used in this environment is freeSSHd from http://www.freesshd.com/ ^(http://www.freesshd.com/).
A network share accessible to both the MultiScanner and the Analytic Machines is required for the multi-machine setup. Once configured, the network share path must be identified in the configuration file, config.ini. To do this, set the copyfilesto option under [main] to be the mount point on the system running MultiScanner. Modules can have a replacement path option, which is the network share mount point on the analytic machine.
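The check below is an added example, not code from the MultiScanner project: it parses a config.ini, flags remote modules that lack a replacement path, and shows how a file under the copyfilesto mount would map to the path seen on the analytic machine. The module section names, the host key used to mark a module as remote, the sample values and the translation logic itself are assumptions made for illustration.

```python
import configparser
import ntpath
import posixpath

# Constructed sample config.ini. Section names, the "host" key and all values are
# assumptions; "copyfilesto" and "replacement path" are the options described above.
SAMPLE_CONFIG = r"""
[main]
copyfilesto = /mnt/samples

[RemoteAV]
host = 192.0.2.10
replacement path = X:\

[RemoteUnpacker]
host = 192.0.2.10

[LocalHash]
ENABLED = True
"""

def to_analytic_path(local_path, copyfilesto, replacement):
    """Map a file under the MultiScanner mount to the analytic machine's view of it."""
    rel = posixpath.relpath(posixpath.normpath(local_path), copyfilesto)
    if rel == ".." or rel.startswith("../"):
        raise ValueError(f"{local_path} is outside the share {copyfilesto}")
    return ntpath.join(replacement, *rel.split("/"))

def audit(config_text, sample_file):
    """Return ({remote module: translated path}, [problems found])."""
    cfg = configparser.ConfigParser()
    cfg.read_string(config_text)
    share = cfg.get("main", "copyfilesto", fallback="")
    paths, problems = {}, []
    if not share or share.lower() == "false":  # assumption: empty/False means unset
        problems.append("[main] copyfilesto is not set")
        return paths, problems
    for name in cfg.sections():
        if name == "main" or not cfg.has_option(name, "host"):
            continue  # local module: no path translation needed
        repl = cfg.get(name, "replacement path", fallback="")
        if not repl:
            problems.append(f"[{name}] runs remotely but has no replacement path")
            continue
        paths[name] = to_analytic_path(sample_file, share, repl)
    return paths, problems

if __name__ == "__main__":
    print(audit(SAMPLE_CONFIG, "/mnt/samples/batch1/a.bin"))
```

Rejecting paths that normalise to a location outside the share keeps a sample filename containing ".." from being translated into an arbitrary path on the analytic machine.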
Module Writing
Modules are intended to be quickly written and incorporated into the framework. A finished module must be placed in the modules folder before it can be used. The configuration file does not need to be manually updated. See docs/module_writing.md ^(https://draft.appmarsh.com/MITRECND/multiscanner/blob/master/docs/module_writing.md) for more information.
Module Configuration
Modules are configured within the configuration file, config.ini. See docs/modules.md ^(https://draft.appmarsh.com/MITRECND/multiscanner/blob/master/docs/modules.md) for more information.

Python API
MultiScanner can be incorporated as a module in other projects. Below is a simple example of how to import MultiScanner into a Python script.

import multiscanner
# FileList is a list of paths to the files to scan
output = multiscanner.multiscan(FileList)
# python=True returns a Python dictionary
Results = multiscanner.parse_reports(output, python=True)

Results is a dictionary object where each key is a filename of a scanned file.
multiscanner.config_init(filepath) will create a default configuration file at the location defined by filepath.

Other Reading
For more information on module configuration or writing modules, check out the docs ^(https://draft.appmarsh.com/MITRECND/multiscanner/blob/master/docs) folder.

Download MultiScanner ^(https://github.com/MITRECND/multiscanner)
