This project is only inactively maintained. This means that I merge pull requests for bug fixes and simple features that are easily integrated, but new features will be delayed.
The aim is to
- stabilize the current release
- minimize any performance issues
I'm focusing on a CLI-based version that will be a sophisticated scanner, dropping real-time protection (RTP) support; this will be more streamlined and provide a faster experience. [Details for CLI project to be added soon!]
Meanwhile check out Xylent below 👇🏻
A powerful antivirus built using Electron framework and python
- Real Time System Watch
- Database based querying (MD5 and SHA-256)
- YARA based pattern matching analysis
- Executable file signature and integrity analysis
- Quarantine Handler
- Startup Items Management
- Configurable Quick Settings
- Basic Scans -> Quick
Xylent - A powerful antivirus built using Electron framework and python
Copyright (C) 2023-present Rutuj Runwal
This program is free software: you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation, either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
Home: https://github.com/Rutuj-Runwal/Xylent
- Xylent is capable of detecting and removing malware
- Blocks drive-by downloads
- Prevents malware replication
- Blocks malware on file opening, renaming, and copying
- Objects detected are placed into a secure quarantine folder
- Xylent's UI provides a simple interface to restore or safely remove the files
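How the hash-database detection and the quarantine/restore flow described above can fit together, as an added example that is not Xylent's own code. The function names, the `index.json` layout and the `.quarantined` suffix are assumptions, and the sample file is constructed and harmless.

```python
import hashlib
import json
import shutil
import tempfile
import uuid
from pathlib import Path

def file_digests(path, chunk_size=1 << 20):
    """Return (md5_hex, sha256_hex) from a single streaming pass over the file."""
    md5, sha256 = hashlib.md5(usedforsecurity=False), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha256.update(chunk)
    return md5.hexdigest(), sha256.hexdigest()

def scan_and_quarantine(root, signatures, quarantine_dir):
    """Quarantine files whose MD5 or SHA-256 is a key of `signatures` (digest -> threat)."""
    qdir = Path(quarantine_dir).resolve()
    qdir.mkdir(parents=True, exist_ok=True)
    index_path = qdir / "index.json"
    index = json.loads(index_path.read_text()) if index_path.exists() else {}
    hits = []
    for path in sorted(Path(root).resolve().rglob("*")):  # snapshot before moving files
        if path.is_symlink() or not path.is_file() or qdir in path.parents:
            continue  # never follow links or rescan the quarantine itself
        md5_hex, sha256_hex = file_digests(path)
        threat = signatures.get(sha256_hex) or signatures.get(md5_hex)
        if threat:
            stored = uuid.uuid4().hex + ".quarantined"  # unique name, original extension dropped
            shutil.move(str(path), str(qdir / stored))
            index[stored] = {"original": str(path), "threat": threat, "sha256": sha256_hex}
            hits.append((str(path), threat, stored))
    index_path.write_text(json.dumps(index, indent=2))
    return hits

def restore(quarantine_dir, stored):
    """Move a quarantined file back to the original path recorded in the index."""
    index_path = Path(quarantine_dir).resolve() / "index.json"
    index = json.loads(index_path.read_text())
    original = index.pop(stored)["original"]
    shutil.move(str(index_path.parent / stored), original)
    index_path.write_text(json.dumps(index, indent=2))
    return original

if __name__ == "__main__":  # constructed, harmless sample data
    tmp = Path(tempfile.mkdtemp())
    (tmp / "sample.bin").write_bytes(b"constructed test sample")
    sigs = {hashlib.sha256(b"constructed test sample").hexdigest(): "Test.Sample"}
    print(scan_and_quarantine(tmp, sigs, tmp / "quarantine"))
```

Keeping the SHA-256 in the index lets a restored or re-detected file be matched to its earlier quarantine record.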
- Automatically repairs archives containing malicious files
- Repairs infected files and keeps important data in the archive safe
- Xylent monitors startup items for potential malware
- Currently uses a baseline of unusual characters and patterns in the process names of startup IOCs
- Enable/Disable startup items directly via Xylent's UI
- Fuzzy Hashing based detection
- Intelligent/Smart cleaning
- Cache cleaner -> temp, prefetch, browser cache...
- Automatically apply recommended OS settings
- File Insights: VirusTotal based querying
- Web Insights: whois lookup for inbound/outbound URLs, VirusTotal / McAfee SiteAdvisor
- Basic Scans -> Full, Custom, Memory based scans
- Vulnerability Scanner [CVE lookup]
- MITRE ATT&CK report for threats
- In process interruption of malware execution
- [LINUX] ClamAV integration
- File entropy and ML based Heuristic
- AI based malicious pattern detection
- IDS/IPS & HIPS
- Python
- Flask
- yara
- ElectronJS
- ReactJS
- Webpack/babel
npm i
npm run watch
python engine.py
npm start
- Flask backend: run using
python engine.py
- Electron based frontend built on ReactJS
  - npm install to install dependencies
  - npm run watch to compile using webpack
  - Finally npm start to run the app
- Currently in development with main focus on Windows [both 32-bit and 64-bit] systems
- Requires Administrator privileges for certain features
- Extending capabilities towards Linux at a later stage
- Use the signature base by Florian Roth, under the Detection Rules license, for additional detection capabilities. Place the YARA rules in /backend/signature-base/yara/
- Custom simple "Dummy" YARA rules, ruleA & ruleB, detect test malware (of type .docx and .pdf) designed specifically for Xylent Antivirus