ajaykumarkk/CyberDoc

CyberDoc

Python-based tool for basic signature-based malware detection on drives and in running processes, and for identifying unknown malware using imphash.

Introduction:

People use computers for all kinds of activities: online gaming, shopping, entertainment, email, Facebook, study, research, etc. At the same time, the risk of these computers being infected by malicious programs is rising. Existing antivirus solutions help prevent these attacks, but they cannot classify or protect against zero-day exploits, and most of them do not offer process-based protection. Our intent is to demonstrate a proof of concept for an endpoint security application that protects against malicious internet traffic and also against unknown malware, using techniques such as CDR (Content Disarm and Reconstruction) and imphash comparison.
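An added illustration of the imphash comparison mentioned above, not code from the CyberDoc repository: it hashes an ordered import list following the common imphash convention and looks the result up in a table of known hashes. The import lists, the `KNOWN_BAD` table and the family label are constructed sample data, and ordinal-only imports are not handled; on a real file, `pefile.PE(path).get_imphash()` computes the hash from the PE import table.

```python
import hashlib

# Extensions the common imphash convention strips from library names.
_STRIPPED_EXTS = {"dll", "ocx", "sys"}


def imphash(imports):
    """Hash an ordered list of (library, [function names]) pairs.

    Each import becomes "library.function" in lower case; the entries are
    joined with commas in import-table order and hashed with MD5.
    """
    entries = []
    for library, functions in imports:
        lib = library.lower()
        stem, dot, ext = lib.rpartition(".")
        if dot and ext in _STRIPPED_EXTS:
            lib = stem
        for func in functions:
            entries.append(f"{lib}.{func.lower()}")
    return hashlib.md5(",".join(entries).encode()).hexdigest()


def classify(imports, known_bad):
    """Return the label for a matching imphash, or None when it is unknown."""
    return known_bad.get(imphash(imports))


# Constructed sample data (not taken from any real binary).
KNOWN_SAMPLE = [
    ("KERNEL32.dll", ["CreateFileW", "WriteFile"]),
    ("WS2_32.dll", ["connect", "send"]),
]
# Same import table, different name casing: a rebuilt file whose
# whole-file hash would differ still yields the same imphash.
REBUILT_VARIANT = [
    ("kernel32.DLL", ["createfilew", "writefile"]),
    ("ws2_32.dll", ["connect", "send"]),
]
BENIGN = [("USER32.dll", ["MessageBoxW"]), ("KERNEL32.dll", ["Sleep"])]

KNOWN_BAD = {imphash(KNOWN_SAMPLE): "constructed-family-a"}

if __name__ == "__main__":
    for name, imps in [("rebuilt", REBUILT_VARIANT), ("benign", BENIGN)]:
        print(name, imphash(imps), classify(imps, KNOWN_BAD))
```

Because the hash depends on import order, a sample whose import table is reordered or padded produces a different imphash, so a miss here does not mean the file is clean.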

Prerequisites:

Python packages to be installed:

  1. psutil

  2. watchdog

  3. requests

  4. sqlite3

  5. pefile

  6. Doc convert executable, with its path configured