PlagueScanner is an open source framework for organizing any number of AV scanners into one contiguous tool chain. It leverages high speed message queuing along with JSON report output for easy integration into an automated malware analysis lab. An optional ElasticSearch output plugin lets you keep historical data for future searching and further analysis.This project solves the problem of what to do with a sensitive malicious file that you wish to have multiple AV scanner results for, but you are wary about uploading the file to a public site, and you don't want to pay the hefty price for a commercial scanner bank.

Bio: Utkonos is a Senior Threat Intelligence Researcher for ThreatConnect, Inc. With an expertise in building automated malware analysis systems based on open source tools, he has been tracking malware and phishing attacks and picking them apart for years. Utkonos has a background in biology, linguistics, and Russian area studies. He has lived extensively in Russia and Ukraine and has been known to swear profusely and constantly in Russian.

Back to Circle City Con 2015 Videos list