Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.


https://github.com/kareimgazer/malware-detector-repeat

Simple anti-malware prototype consisting of a system monitor that watches the system and warns the user about problems such as a fork bomb or abnormal memory behavior; it quarantines, kills, and removes the offending process.

antivirus cyber-security linux malware python


README


# Malware-Detector-Repeat

## Abstract
Information security has become ubiquitous in this era. In this project we demonstrate a simple anti-malware prototype consisting of a system monitor that watches the system, warns the user about problems such as a fork bomb or abnormal memory behavior, and then quarantines, kills, and removes the malware.

## System Components
### System Monitor
The main component of the system. It presents the user with a summary of system metrics, then asks whether they want more information about:
- CPU
- RAM
- Disk
- Network
- fresh new summary

or whether they want to run a scan or exit. While the program is running, a background thread notifies the user about any warnings or potential threats to the system and automatically runs a scan when one is raised.

### Processes Scanner
A Python script that detects and kills the fork bomb, a process that forks copies of itself until the process table fills up and the OS becomes unresponsive.

### Memory Scanner
`memEat` is a test program that repeatedly allocates and frees heap blocks of varying size, simulating memory-resident (fileless) malware. Such malware lives in process memory and does not depend on files stored on disk, so a file-based scan does not see it; the memory scanner instead detects the process by its memory behavior and kills or stops it.
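The two scanners above boil down to two rules over process snapshots: many identical processes owned by one user (fork bomb) and a process whose resident set is huge or growing fast (memory eater). The following is an added example written for this page, not the project's `Scan.py`; the thresholds, the `ProcInfo` record and the function names are assumptions. The rules work on plain records so they can be tested offline, and `psutil` is only imported when a live snapshot is taken.

```python
"""Fork-bomb and memory-eater detection over per-process snapshots (added example)."""
from collections import defaultdict, namedtuple
import os
import signal
import time

# Minimal per-process record; field names are assumptions for this example.
ProcInfo = namedtuple("ProcInfo", "pid ppid name username rss")

# Thresholds are assumptions, not values from the project. Tune per host.
FORK_BOMB_THRESHOLD = 200        # identical (user, name) processes before we call it a bomb
RSS_LIMIT_BYTES = 1 << 30        # 1 GiB resident set is suspicious on its own
RSS_GROWTH_BYTES = 256 << 20     # 256 MiB growth between two samples is suspicious


def find_fork_bomb(procs, threshold=FORK_BOMB_THRESHOLD):
    """Group processes by (username, name) and return {key: [pids]} for groups
    at or above the threshold. A fork bomb is thousands of copies of one binary
    owned by one user, so this catches it whatever shape the process tree has."""
    groups = defaultdict(list)
    for p in procs:
        groups[(p.username, p.name)].append(p.pid)
    return {key: pids for key, pids in groups.items() if len(pids) >= threshold}


def find_memory_eaters(before, after, rss_limit=RSS_LIMIT_BYTES, growth=RSS_GROWTH_BYTES):
    """Compare two snapshots taken a few seconds apart. Flag a pid whose RSS
    exceeds rss_limit, or grew by at least `growth` between the samples
    (the memEat pattern: steady heap growth with nothing new on disk)."""
    previous = {p.pid: p.rss for p in before}
    flagged = []
    for p in after:
        delta = p.rss - previous.get(p.pid, p.rss)   # unseen before -> delta 0
        if p.rss >= rss_limit or delta >= growth:
            flagged.append((p.pid, p.name, p.rss, delta))
    return flagged


def neutralize(pids, dry_run=True):
    """Freeze every target with SIGSTOP first, then SIGKILL. Killing a fork bomb
    one process at a time fails because survivors fork replacements faster than
    the loop runs; stopping them all first removes that race. Never touches
    init, this process or its parent shell. Returns the pids acted on."""
    protected = {1, os.getpid(), os.getppid()}
    targets = [pid for pid in pids if pid not in protected]
    for sig in (signal.SIGSTOP, signal.SIGKILL):
        for pid in targets:
            if dry_run:
                continue
            try:
                os.kill(pid, sig)
            except ProcessLookupError:
                pass   # already gone
    return targets


def snapshot():
    """Collect ProcInfo records for all processes via psutil (imported lazily so
    the detection rules above can be imported and tested without it)."""
    import psutil
    records = []
    for proc in psutil.process_iter(["pid", "ppid", "name", "username", "memory_info"]):
        info = proc.info
        mem = info["memory_info"]           # None when access was denied
        records.append(ProcInfo(info["pid"], info["ppid"], info["name"] or "?",
                                info["username"] or "?", mem.rss if mem else 0))
    return records


def scan_once(interval=3.0, dry_run=True):
    """One scan cycle: two snapshots `interval` seconds apart, both rules, then
    neutralize (dry run by default so a misfire only reports)."""
    before = snapshot()
    time.sleep(interval)
    after = snapshot()
    bomb_pids = [pid for pids in find_fork_bomb(after).values() for pid in pids]
    eater_pids = [hit[0] for hit in find_memory_eaters(before, after)]
    return neutralize(sorted(set(bomb_pids + eater_pids)), dry_run=dry_run)


if __name__ == "__main__":
    print("would act on pids:", scan_once())
```

Run `scan_once(dry_run=False)` only as a user that owns the offending processes, and be aware that a real fork bomb can exhaust the pid space before this script gets to fork or allocate; pairing the detector with a `ulimit -u` (or `pids.max` cgroup) limit on untrusted users is the preventive control.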

## Getting started

### VM 🖥️
The development environment is an Ubuntu Linux VM and can be extended to other environments.
The scripts are written in Python 3.

- Download the files
- Follow the installation steps:
```bash
sudo apt-get update
sudo apt-get install -y python3-pip
pip3 install psutil
```

The two test programs (the memory eater and the fork bomb) are written in C and compiled with GCC:

```bash
sudo apt-get install gcc
gcc memEat.c -o memEat # compile the memory malware
gcc bomb.c -o bomb # compile the fork bomb
```

Run the detector:

```bash
python3 main.py # run the antivirus
```
Then open another terminal and run the test program you want to experiment with (`./bomb` or `./memEat`).

### Docker 🐋
```bash
docker build . -t malware-test                     # build the image
docker run -it --name malware-test malware-test    # run in interactive mode (named so it can be exec'd into)
```
The system monitor will appear; then, in another terminal:

```bash
docker exec -it malware-test bash
```
From that shell you can run the test programs, interact with the detector, and experiment.

### Sample Output - VM
![launching memory eater](https://github.com/KareimGazer/Malware-Detector-Repeat/blob/main/screenshots/1.PNG?raw=true)

![launching manager](https://github.com/KareimGazer/Malware-Detector-Repeat/blob/main/screenshots/2.PNG?raw=true)

![launching memory eater](https://github.com/KareimGazer/Malware-Detector-Repeat/blob/main/screenshots/3.PNG?raw=true)

![launching memory eater](https://github.com/KareimGazer/Malware-Detector-Repeat/blob/main/screenshots/4.PNG?raw=true)

![launching memory eater](https://github.com/KareimGazer/Malware-Detector-Repeat/blob/main/screenshots/5.PNG?raw=true)

![launching memory eater](https://github.com/KareimGazer/Malware-Detector-Repeat/blob/main/screenshots/6.PNG?raw=true)

## Folder Structure

Refer to the following table for information about important directories and files in this repository.

```
Malware-Detector-Repeat
├── screenshots     sample output
├── README.md       main documentation
├── SysMonitor.py   reads and shows system info
├── Scan.py         the scanner: scans the system for fork bombs and memory-hungry processes
└── main.py         driver code
```