{"id":27069372,"url":"https://github.com/87owo/pyas","last_synced_at":"2026-04-18T21:01:23.333Z","repository":{"id":42159797,"uuid":"389811975","full_name":"87owo/PYAS","owner":"87owo","description":"Antivirus software written in Python and C++ that blocks threats through deep learning and behavioral monitoring!","archived":false,"fork":false,"pushed_at":"2026-04-17T17:41:13.000Z","size":1385939,"stargazers_count":315,"open_issues_count":0,"forks_count":31,"subscribers_count":9,"default_branch":"main","last_synced_at":"2026-04-17T19:31:38.179Z","etag":null,"topics":["antivirus","cnn","cpp","keras","kernel","lightgbm","onnx","pefile","protect","python","scanner","security","tensorflow","tools","windows","yara"],"latest_commit_sha":null,"homepage":"https://pyas-security.com","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"other","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/87owo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.txt","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2021-07-27T01:17:33.000Z","updated_at":"2026-04-17T17:41:18.000Z","dependencies_parsed_at":"2023-09-23T09:08:21.586Z","dependency_job_id":"d7b7d239-c967-472c-8c7e-c147c5654b20","html_url":"https://github.com/87owo/PYAS","commit_stats":null,"previous_names":[],"tags_count":149,"template":false,"template_full_name":null,"purl":"pkg:github/87owo/PYAS","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/87owo%2FPYAS","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/87owo%2FPYAS/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/87owo%2FPYAS/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/87owo%2FPYAS/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/87owo","download_url":"https://codeload.github.com/87owo/PYAS/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/87owo%2FPYAS/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31984557,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-18T20:23:30.271Z","status":"ssl_error","status_checked_at":"2026-04-18T20:23:29.375Z","response_time":103,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["antivirus","cnn","cpp","keras","kernel","lightgbm","onnx","pefile","protect","python","scanner","security","tensorflow","tools","windows","yara"],"created_at":"2025-04-05T21:31:25.755Z","updated_at":"2026-04-18T21:01:23.327Z","avatar_url":"https://github.com/87owo.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# PYAS\n\nAntivirus software written in Python and C++ that blocks threats through deep learning and behavioral monitoring!\n\n\u003cimg width=\"2245\" height=\"1477\" alt=\"PYAS_UI\" src=\"https://github.com/user-attachments/assets/87d40261-7655-49ad-a19c-1ffcca60584f\" /\u003e\n\n## Requirements\n\nPython 3.10 is recommended. Other Python versions may require different pip commands.\n\n```\npip install requests==2.32.4\npip install PySide6==6.9.1\npip install yara-python==4.5.4\npip install Pillow==11.0.0\npip install numpy==1.26.4\npip install tensorflow==2.10.0\npip install tf2onnx==1.13.0\npip install lightgbm==4.6.0\npip install onnxruntime==1.18.1\n```\n\n## File Information\n\nThe following lists the storage locations of all relevant code and other related documents.\n\n```\nPYAS/\n├── Embed/\n│   ├── Dockerfile                   # Deploy an embedded command line antivirus engine\n│   └── ...                          # Other microservice for VirusTotal Integration\n│\n├── Engine/\n│   ├── Pattern/\n│   │   ├── convert.py               # Convert executable files or other files to images\n│   │   ├── train.py                 # TensorFlow CNN model training complete code\n│   │   └── ...                      # Other models folders and files\n│   │\n│   ├── Heuristic/\n│   │   ├── rules.yar                # Yara virus signature rule matching\n│   │   └── ...                      # Other rules folders and files\n│   │\n│   └── Properties/\n│       ├── convert.py               # Convert executable files to sql database\n│       ├── train.py                 # Lightgbm model training complete code\n│       └── ...                      # Other models folders and files\n│\n├── Plugins/\n│   └── Filter/\n│   │   ├── DriverEntry.cpp          # Main driver entry and initialization logic\n│   │   ├── DriverCommon.h           # Global driver definitions, constants, and functions\n│   │   └── ...                      # Other driver folders and files\n│   │\n│   └── Rules/\n│       └── rules.json               # White, block list, and matching logic for files registry\n|\n├── PYAS.py                          # Main application entry point and UI to engine interface\n├── PYAS_Config.py                   # Configuration loading, saving, and global parameters\n├── PYAS_Engine.py                   # Core scanning engine: YARA, IP, ONNX model execution\n├── PYAS_Interface.py                # User interface components and event handling\n├── PYAS_Resource.py                 # Static image and icon resource management\n├── PYAS_Version.py                  # Version metadata for packaging and updates\n└── ...                              # Other supplementary folders and files\n```\n\n## Architecture diagram\n\nPYAS Security antivirus software general architecture diagram.\n\n```mermaid\ngraph TD\n    %% Global Styles\n    classDef userMode fill:#e3f2fd,stroke:#1565c0,stroke-width:2px,color:#0d47a1\n    classDef kernelMode fill:#fff3e0,stroke:#e65100,stroke-width:2px,color:#e65100\n    classDef storage fill:#f3e5f5,stroke:#7b1fa2,stroke-width:2px,color:#4a148c\n    classDef interaction fill:#e8f5e9,stroke:#2e7d32,stroke-width:2px,stroke-dasharray: 5 5,color:#1b5e20\n\n    subgraph UserSpace [User Mode Application - PYAS.exe]\n        direction TB\n        \n        GUI[MainWindow_Controller / UI]:::userMode\n        ConfigMgr[Configuration \u0026 Rule Manager]:::userMode\n        \n        subgraph DetectionEngine [Analysis Engine - PYAS_Engine.py]\n            direction TB\n            SignScanner[Digital Signature Scanner]:::userMode\n            PEScanner[PE Feature \u0026 Entropy Analysis]:::userMode\n            YaraScanner[Heuristic / YARA Scanner]:::userMode\n            CNNScanner[AI / CNN Model Scanner]:::userMode\n            CloudScanner[Cloud API / Hash Check]:::userMode\n        end\n\n        subgraph UserMonitors [User-Mode Protection Threads]\n            direction TB\n            ProcMon[Process Monitor - CreateToolhelp32Snapshot]:::userMode\n            FileMon[File Monitor - ReadDirectoryChangesW]:::userMode\n            NetMon[Network Monitor - GetExtendedTcpTable]:::userMode\n            SysRep[System Repair - MBR/Reg/Wallpaper]:::userMode\n            PopupBlock[Popup Blocker - EnumWindows]:::userMode\n            PipeClient[IPC Client Thread]:::userMode\n        end\n\n        GUI --\u003e ConfigMgr\n        GUI --\u003e DetectionEngine\n        GUI --\u003e UserMonitors\n        UserMonitors --\u003e DetectionEngine\n    end\n\n    subgraph StorageLayer [File System / Configuration]\n        direction LR\n        JSONRules[JSON Rules Files]:::storage\n        ConfigJSON[Config.json]:::storage\n        Quarantine[Quarantine Folder]:::storage\n    end\n\n    subgraph KernelSpace [Kernel Mode Driver - PYAS_Driver.sys]\n        direction TB\n        \n        DriverEntry[DriverEntry / Initialization]:::kernelMode\n        GlobalData[Global Data \u0026 State]:::kernelMode\n        CommServer[Communication Port Server]:::kernelMode\n\n        subgraph KernelLogic [Core Protection Logic]\n            RuleLoader[Rule Loader \u0026 Parser]:::kernelMode\n            TrustCache[Trust Cache \u0026 Ransom Tracker]:::kernelMode\n            \n            subgraph MiniFilter [File System MiniFilter]\n                PreCreate[PreCreate: HoneyToken / Access Control]:::kernelMode\n                PreWrite[PreWrite: Ransomware / Entropy Check]:::kernelMode\n                PreSetInfo[PreSetInfo: Anti-Rename / Extension]:::kernelMode\n                PreDevCtrl[PreDeviceControl: Boot / Disk Wipe Protect]:::kernelMode\n            end\n\n            subgraph ObjectCallbacks [Object Manager Callbacks]\n                ProcProtect[ObRegisterCallbacks: Handle Stripping]:::kernelMode\n                ImageLoad[PsSetLoadImageNotifyRoutine: Image Blocking]:::kernelMode\n            end\n\n            subgraph RegistryCallbacks [Configuration Manager Callbacks]\n                RegFilter[CmRegisterCallbackEx: Registry Guard]:::kernelMode\n            end\n        end\n\n        DriverEntry --\u003e GlobalData\n        DriverEntry --\u003e CommServer\n        DriverEntry --\u003e MiniFilter\n        DriverEntry --\u003e ProcProtect\n        DriverEntry --\u003e ImageLoad\n        DriverEntry --\u003e RegFilter\n        \n        MiniFilter --\u003e RuleLoader\n        ProcProtect --\u003e RuleLoader\n        RegFilter --\u003e RuleLoader\n        \n        PreWrite --\u003e TrustCache\n        PreCreate --\u003e TrustCache\n    end\n\n    %% Cross-Boundary Interactions\n    ConfigMgr -- Writes --\u003e JSONRules\n    ConfigMgr -- Writes --\u003e ConfigJSON\n    RuleLoader -- Reads --\u003e JSONRules\n    \n    GUI -- Service Control (SCM) --\u003e DriverEntry\n    PipeClient -- FltSendMessage (IPC) --\u003e CommServer\n    CommServer -- Notifications --\u003e PipeClient\n    \n    FileMon -- Moves Malicious Files --\u003e Quarantine\n    \n    %% Logic Flow Details\n    ProcProtect -- Protects --\u003e UserSpace\n    RegFilter -- Protects --\u003e StorageLayer\n    PreDevCtrl -- Protects --\u003e StorageLayer\n```\n\n## Support System\n\n| Config    | Permissions   | System version       | Processor | Memory | Storage |\n|-----------|---------------|----------------------|-----------|--------|---------|\n| Minimum   | Administrator | \u003e= Windows 10 (20H1) | 1 GHz     | 200MB  | 100MB   |\n| Recommend | Administrator | \u003e= Windows 10 (21H2) | 3 GHz     | 500MB  | 200MB   |\n\n## Packaged Releases\n\nDownload the installer. If it is incompatible with your system, you can repackage it yourself.\n\nPackaged Download: https://github.com/87owo/PYAS/releases\n\n## Official Website\n\nIf you are interested in this project, you can visit the website to see other related content.\n\nSource Available : https://github.com/87owo/PYAS\n\nOfficial Website : https://pyas-security.com/antivirus\n\nOnline Analyze : https://pyas-security.com/analyze\n\n## Project License\n\nFor any questions, needs, or bug feedback, please contact us through the following website.\n\nSource Issues : https://github.com/87owo/PYAS/issues\n\nOfficial Email : service@pyas-security.com\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F87owo%2Fpyas","html_url":"https://awesome.ecosyste.ms/projects/github.com%2F87owo%2Fpyas","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2F87owo%2Fpyas/lists"}