Newest Project is here https://sourceforge.net/projects/xylent/
- A powerful antivirus built using the Electron framework and Python
- Download malware definitions here: https://mega.nz/file/rgx2CRiD#98Sm_zex7ImsXhObf9bU1qJK6YIWVR6l0z582TuLx8U
- Real Time System Watch
- Database-based querying (md5, sha1, sha256, ssdeep and tlsh)
- Yara based pattern matching analysis
- Executable file signature and integrity analysis
- Quarantine Handler
- Startup Items Management
- Configurable Quick Settings
- Basic Scans -> Quick
- Xylent is capable of detecting and removing Malware
- Blocks drive by downloads
- Prevents malware replication
- Blocks malware on file opening, renaming as well as copying
- Detects newly opened files
Xylent.Antivirus.Realtime.Protection.Demo.mp4
- Objects detected are placed into a secure quarantine folder
- Xylent's UI provides a simple interface to restore or safely remove the files
Xylent.Antivirus.Quaratine.Management.mp4
- Automatically repairs archives containing malicious files
- Repairs infected files and keeps important data in the archive safe
Xylent.Antivirus.Archive.Auto.Repair.mp4
- Xylent monitors startup items for potential malware
- Currently uses a baseline of unusual characters and patterns in the process names of startup items as IOCs
- Enable/Disable startup items directly via Xylent's UI
Xylent.StartupMonitor_Demo.mp4
- Intelligent/Smart cleaning
- Cache cleaner -> temp, prefetch, browser cache...
- Automatically apply recommended OS settings
- File Insights: VirusTotal-based querying
- Web Insights: WHOIS lookup for inbound/outbound URLs, VirusTotal / McAfee SiteAdvisor
- Basic Scans --> Full, Custom, Memory-based scans
- Vulnerability Scanner [CVE lookup]
- MITRE ATT&CK report for threats
- In process interruption of malware execution
- [LINUX] ClamAV integration
- File entropy and ML based Heuristic
- AI based malicious pattern detection
- IDS/IPS & HIPS
- Python
- Flask
- yara
- ElectronJS
- ReactJS
- Webpack/babel
```
npm i
npm run watch
python engine.py
npm start
```
- Flask backend: run using `python engine.py`
- Electron-based frontend built on ReactJS
  - `npm install` to install dependencies
  - `npm run watch` to compile using webpack
  - Finally `npm start` to run the app
- Currently in development with main focus towards Windows x64 systems
- Requires Administrator privileges for certain features
- Extending capabilities towards Linux at a later stage
- Use signature base by Florian Roth under Detection Rules license for additional detection capabilities. Place the YARA rules in `/backend/signature-base/yara/`
- Custom simple "Dummy" YARA rules, ruleA & ruleB, to detect test malware (of type .docx and .pdf) designed specifically for Xylent Antivirus
- Thanks for the malware database at sha256_db.txt https://github.com/anic17/Batch-Antivirus
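
The database-based querying listed among the features, sketched as an added example that is not Xylent's own code: a file is hashed once with MD5, SHA-1 and SHA-256 and the digests are looked up in a definitions file such as `sha256_db.txt`. The file format (one hex digest per line with an optional label) and all function names are assumptions; ssdeep and TLSH are left out because they need third-party libraries.

```python
import hashlib
import re
from pathlib import Path

# Hex digest length -> algorithm name (MD5, SHA-1, SHA-256).
ALGO_BY_LEN = {32: "md5", 40: "sha1", 64: "sha256"}
HEX_RE = re.compile(r"^[0-9a-fA-F]+$")


def load_definitions(path):
    """Parse a definitions file into {algorithm: {digest: label}}.

    Assumed format (not taken from Xylent): one hex digest per line,
    optionally followed by a label; blank lines and '#' comments are skipped.
    """
    db = {name: {} for name in ALGO_BY_LEN.values()}
    text = Path(path).read_text(encoding="utf-8", errors="replace")
    for raw in text.splitlines():
        parts = raw.split("#", 1)[0].split(None, 1)
        if not parts:
            continue
        digest = parts[0]
        algo = ALGO_BY_LEN.get(len(digest))
        # Ignore malformed lines instead of failing the whole load.
        if algo and HEX_RE.match(digest):
            label = parts[1].strip() if len(parts) > 1 else "unlabelled"
            db[algo][digest.lower()] = label
    return db


def hash_file(path, chunk_size=1 << 20):
    """Compute MD5, SHA-1 and SHA-256 in one pass without loading the file."""
    hashers = {name: hashlib.new(name) for name in ALGO_BY_LEN.values()}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def lookup(path, db):
    """Return (algorithm, digest, label) for the strongest match, or None."""
    digests = hash_file(path)
    for algo in ("sha256", "sha1", "md5"):  # prefer collision-resistant hashes
        label = db[algo].get(digests[algo])
        if label is not None:
            return algo, digests[algo], label
    return None
```

An exact-hash lookup only catches byte-identical samples, which is why the feature list pairs it with fuzzy hashes (ssdeep, tlsh) and YARA pattern matching.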