Wednesday, April 29, 2015

MASTIFF Online

MASTIFF has been a pet project of mine for about two years now. While it has not progressed as far as I would have liked, we made a major announcement this week.

On Monday, a free online interface to MASTIFF was released at https://mastiff-online.korelogic.com/. This interface allows anyone to upload files, have MASTIFF process the files, and see the results generated.

If you are not familiar with MASTIFF, it is an open source framework for automating the static analysis of malware. It essentially will determine the type of file you are analyzing and only run the static analysis techniques for that file against it. This allows fast extraction of data the analyst can then examine.

The online interface was created for two reasons:

1. When you start processing a number of different file types, the pre-requisites start to get cumbersome and difficult to install. The online interface alleviates this by allowing you to analyze files without installing everything.

2. Our #1 request was a web interface to the system. While the interface used on MASTIFF Online is not open source itself, we are hoping this will give users what they want.

If anyone has any questions/comments/suggestions to MASTIFF or the site, please let me know!