PlagueScanner: An Open Source Multiple AV Scanner Framework - Robert Simmons (Circle City Con 2015 Videos) (Hacking Illustrated Series InfoSec Tutorial Videos)

PlagueScanner: An Open Source Multiple AV Scanner Framework
Robert Simmons

Circle City Con 2015

PlagueScanner is an open source framework for organizing any number of AV scanners into one contiguous tool chain. It leverages high speed message queuing along with JSON report output for easy integration into an automated malware analysis lab. An optional ElasticSearch output plugin lets you keep historical data for future searching and further analysis. This project solves the problem of what to do with a sensitive malicious file that you wish to have multiple AV scanner results for, but you are wary about uploading the file to a public site, and you don't want to pay the hefty price for a commercial scanner bank.
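The fan-out pattern the abstract describes, as an added illustration that is not PlagueScanner's own code: one sample is queued to several scanner adapters in parallel and the per-engine verdicts are merged into a single JSON report keyed by the sample's SHA-256. The three engines and their verdict names are constructed stand-ins (a real adapter would wrap a command-line scanner), and Python's in-process `queue` plus threads stand in for the message-queuing layer.

```python
import hashlib
import json
import queue
import threading

# The standard EICAR test string, so the example exercises real detection logic
# without shipping malware.
EICAR = b"X5O!P%@AP[4\\PZX54(P^)7CC)7}$EICAR-STANDARD-ANTIVIRUS-TEST-FILE!$H+H*"

# Constructed scanner adapters: each takes sample bytes and returns a verdict or None.
def engine_a(data):
    return "EICAR-Test-File" if EICAR in data else None

def engine_b(data):
    return "Test.EICAR" if data.strip() == EICAR else None   # stricter: exact file only

def engine_c(data):
    return None   # hypothetical engine with no signature for the test string

ENGINES = {"engine_a": engine_a, "engine_b": engine_b, "engine_c": engine_c}

def scan(data, engines=ENGINES):
    """Queue one sample to every engine, run them concurrently, and return the
    aggregated report as a dict (serialise with json.dumps for the JSON output)."""
    jobs, results = queue.Queue(), queue.Queue()
    for name, fn in engines.items():
        jobs.put((name, fn))

    def worker():
        while True:
            try:
                name, fn = jobs.get_nowait()
            except queue.Empty:
                return
            try:
                results.put((name, fn(data), None))
            except Exception as exc:   # one crashing engine must not lose the whole report
                results.put((name, None, repr(exc)))

    threads = [threading.Thread(target=worker) for _ in engines]
    for t in threads:
        t.start()
    for t in threads:
        t.join()

    report = {"sha256": hashlib.sha256(data).hexdigest(), "engines": {}}
    while not results.empty():
        name, verdict, err = results.get()
        report["engines"][name] = {"detected": verdict is not None, "result": verdict, "error": err}
    report["positives"] = sum(1 for e in report["engines"].values() if e["detected"])
    return report

if __name__ == "__main__":
    print(json.dumps(scan(EICAR), indent=2))
```

The report dict is already in the shape an output plugin would index, one document per sample with the hash as its identity.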

Bio: Utkonos is a Senior Threat Intelligence Researcher for ThreatConnect, Inc. With an expertise in building automated malware analysis systems based on open source tools, he has been tracking malware and phishing attacks and picking them apart for years. Utkonos has a background in biology, linguistics, and Russian area studies. He has lived extensively in Russia and Ukraine and has been known to swear profusely and constantly in Russian.

Copyright 2016, IronGeek
Louisville / Kentuckiana Information Security Enthusiast