Recently, GitHub published an open source multiple AV scanner framework, called as PlagueScanner. This open source multiple AV scanner framework is created by security researcher Robert Simmons. PlagueScanner framework is quite similar to the popular AV scanner owned by Google, VirusTotal.
Just like VirusTotal, PlagueScanner lets companies and individual users to scan any file with different antivirus engines. And for this, they don’t have to install the antivirus engines on a single PC or to scan the files in different environments. However, when the files to scanned are private and sensitive, it might become a security hazard, when the files are uploaded on AV scanner’s server; in this case VirusTotal’s server. To keep security checks of such files uploaded on third party servers becomes a difficult task. However, this issue is tackled well with PlagueScanner, the open source multiple AV scanner framework.
PlagueScanner – Multiple AV scanner framework
PlagueScanner, the open source multiple AV scanner framework is based on a very few requirements. Hence, even a small company or a startup that cannot afford a full-fledged enterprise level antivirus and security system, can use PlagueScanner. The framework can be easily installed on the internal network. It is an open source framework; hence PlagueScanner is capable of supporting only a few AV agents.
PlagueScanner has very few names of AV clients in its kitty at the moment. The framework is developed in Python. The framework includes single-file core and various antivirus agents that connect with various antivirus engines. Thus the files uploaded by the user are scanned securely. Currently, this open source multiple AV scanner framework supports antivirus engines like Trend Micro, Microsoft’s Windows Defender, ESET, Clam AV, BitDefender and Avast. In order to support these AV agents, PlagueScanner needs an NGINX server to run from and few Python libraries.
Currently PlagueScanner can support only a few antivirus programs. However, it is expected that the developers and the other AV companies will submit their AV agents to the PlagueScanner core very soon. Besides, Robert Simmons has announced an ElasticSearch output plugin and JSON report output capabilities to be added to PlagueScanner so as to record the scanning results.
More at GitHub.