/GoAnti-Malware

A C# Malware Scanning Engine.

Primary LanguageC#Apache License 2.0Apache-2.0

GoAnti-Malware

GoAnti-Malware is a simple C# application I am working on for fun and to learn more about security and malware in general. The GoAnti-Malware Toolkit is going to contain a few tools in which will help developers and analysts detect, catalogue and find new threats.

Currently GoAnti-Malware is being designed as a simple byte[] pattern scanning engine however I plan to implement more advanced scanning techniques later.

If you are interested in collaborating in this project or wish to contribute to the threat detect database please feel free to contact me.

Currently Implemented (Library)

  • Definition Database
  • Static File Analysis
  • Dynamic File Analysis (Simple Heuristic Engine; Behaviour)
  • Dynamic Process Analysis (Simple Heuristic Engine; Behaviour)
  • UPX Unpacking - Decompress and analyze upx packed samples
  • Multi-Threaded Scan Engine
  • Persistent File Remover (Attempts to close processes and remove malware, if fails attempts on reboot)

To-do List

  • Static Process Analysis (Pattern Scanning Process)

GUI

Recently I have started a GUI based client program for users looking to utilize this system as a method of protection. The GUI based client is still under construction however will receive it's own website once the project is complete. In the mean time enjoy some screenshots:

Dashboard

Dash

Scanner

Scanner

Settings

Settings

Scheduler

Scheduler

Realtime Protection

Realtime

Databaser Application

Databaser

Test Scanner Application

TestScanner