Assemblyline - CSE
-
The Canadian Spy Agency CSE (Communications Security Establishment) released an open source code scanner to look for malicious software. In reading about it here: http://www.cbc.ca/news/technology/cse-canada-cyber-spy-malware-assemblyline-open-source-1.4361728 I was wondering if it could be implemented as a tool to scan incoming files through a firewall. To me it looks like it contains a series of wrappers or plugins to existing malware scanners. It does look like there is a way to use Surricata to investigate network traffic.
CSE-Assemblyline: https://bitbucket.org/cse-assemblyline/
Documentation starts here: https://bitbucket.org/cse-assemblyline/assemblyline