Tree [0b7df9] master /
| File | Date | Author | Commit |
|---|---|---|---|
| XylentAV | 2024-05-18 | HydraDragonAntivirus | [0ce643] cs |
| XylentLite | 2024-05-10 | HydraDragonAntivirus | [07e24f] database update |
| backend | 2024-05-23 | HydraDragonAntivirus | [0b7df9] todo finish |
| basicmachinelearning | 2024-05-12 | HydraDragonAntivirus | [cc2bbf] final moments |
| execonverter | 2024-05-10 | HydraDragonAntivirus | [80f5d8] Xylent Lite Edition Final fixes |
| execonverterlite | 2024-05-17 | HydraDragonAntivirus | [21ba3d] important fix |
| execonverteroptiıonalscanner | unknown | | |
| images | 2024-04-02 | HydraDragonAntivirus | [21ea7f] compiled python source |
| src | 2024-05-18 | HydraDragonAntivirus | [59f91d] it makes more sense to build it from scratch with Python |
| .gitignore | 2024-02-04 | Emirhan Uçan | [7d4b3e] Adding Frontend code |
| LICENSE.txt | 2024-05-10 | HydraDragonAntivirus | [67c0d9] Xylent Lite Edition Alpha complete |
| README.md | 2024-05-10 | HydraDragonAntivirus | [de229e] Xylent lite edition |
| READMElite.md | 2024-05-10 | HydraDragonAntivirus | [9c4aa9] Xylent Super Lite Edition |
| after.txt | 2024-05-10 | HydraDragonAntivirus | [2c7091] Lite edition |
| afterlite.txt | 2024-05-13 | HydraDragonAntivirus | [546315] release coming |
| afteroptionalscanner.txt | 2024-05-18 | HydraDragonAntivirus | [d50343] optional scanner |
| index.html | 2024-02-04 | Emirhan Uçan | [7d4b3e] Adding Frontend code |
| main.js | 2024-02-04 | Emirhan Uçan | [7d4b3e] Adding Frontend code |
| nutikaandpyinstaller.txt | 2024-05-10 | HydraDragonAntivirus | [67c0d9] Xylent Lite Edition Alpha complete |
| nutikaandpyinstallerlite.txt | 2024-05-10 | HydraDragonAntivirus | [67c0d9] Xylent Lite Edition Alpha complete |
| nutikaandpyinstalleroptionalscanner.txt | 2024-05-18 | HydraDragonAntivirus | [d50343] optional scanner |
| package.json | 2024-04-03 | HydraDragonAntivirus | [3c9eb1] 0.0.1 pre release |
| setup.iss | 2024-05-10 | HydraDragonAntivirus | [321361] Xylent Lite and Full Edition |
| setuplite.iss | 2024-05-13 | HydraDragonAntivirus | [7656ec] important very small fix2 |
| setupoptionalscanner.iss | 2024-05-18 | HydraDragonAntivirus | [d50343] optional scanner |
| store.js | 2024-02-04 | Emirhan Uçan | [7d4b3e] Adding Frontend code |
| webpack.common.js | 2024-02-04 | Emirhan Uçan | [7d4b3e] Adding Frontend code |
| yarn.lock | 2024-04-02 | HydraDragonAntivirus | [21ea7f] compiled python source |

Read Me

Xylent

  • A powerful antivirus built using the Electron framework and Python

Added Features

  • Real-Time System Watch
  • Database-based querying (MD5, SHA-1, SHA-256, ssdeep and TLSH)
  • YARA-based pattern matching analysis
  • Machine learning AI module
  • Executable file signature and integrity analysis
  • Quarantine Handler
  • Startup Items Management
  • Configurable Quick Settings
  • Basic Scans -> Quick

Xylent Interface

Xylent Antivirus Dashboard




Features Demonstration

Real Time Protection Demo:

  • Xylent is capable of detecting and removing malware
  • Blocks drive-by downloads
  • Prevents malware replication
  • Blocks malware on file opening, renaming, and copying
  • Detects newly opened files

https://github.com/Rutuj-Runwal/Xylent/assets/59436520/38a76c6f-3bbe-49d7-baa0-c386d96e6492

Quarantine Management Demo:

  • Objects detected are placed into a secure quarantine folder
  • Xylent's UI provides a simple interface to restore or safely remove the files

https://github.com/Rutuj-Runwal/Xylent/assets/59436520/86a85662-251d-4d20-a478-055ec5490222

Archive Auto Repair

  • Automatically repairs archives containing malicious files
  • Repairs infected files and keeps important data in the archive safe

https://github.com/Rutuj-Runwal/Xylent/assets/59436520/9a5dda8e-2817-4ce4-b570-9799817dc2f8

Startup monitor Demo:

  • Xylent monitors startup items for potential malware
  • Currently uses a baseline of unusual characters and patterns in the process names of startup IOCs
  • Enable/disable startup items directly via Xylent's UI

https://github.com/Rutuj-Runwal/Xylent/assets/59436520/99a0af23-0e1e-4f5e-abcc-c7daffc8774f

Expected Features/Coming Soon

  • Intelligent/Smart cleaning
    • Cache cleaner -> temp, prefetch, browser cache...
    • Automatically apply recommended OS settings
  • File Insights: VirusTotal-based querying
  • Web Insights: whois lookup for inbound/outbound URLs, VirusTotal / McAfee SiteAdvisor
  • Basic Scans --> Full, Custom, Memory-based scans

Ambitious/Nice-to-Have Features

  • Vulnerability Scanner [CVE lookup]
  • MITRE ATT&CK report for threats
  • In process interruption of malware execution
  • [LINUX] ClamAV integration
  • File entropy and ML-based heuristics
  • AI-based malicious pattern detection
  • IDS/IPS & HIPS

Tech Stack:

  • Python
    • Flask
    • yara
  • ElectronJS
  • ReactJS
  • Webpack/babel

```
npm i
npm run watch
python engine.py
npm start
```

Architecture

  • Flask backend: run using `python engine.py`
  • Electron-based frontend built on ReactJS
    • `npm install` to install dependencies
    • `npm run watch` to compile using webpack
    • Finally, `npm start` to run the app

### Target Environment
- Currently in development, with the main focus on Windows x64 systems
- Requires Administrator privileges for certain features
- Extending capabilities towards Linux at a later stage

Acknowledgements and References

  • Use signature-base by Florian Roth, under the Detection Rule License, for additional detection capabilities. Place the YARA rules in /backend/signature-base/yara/
  • Custom simple "Dummy" YARA rules, ruleA & ruleB, to detect test malware (of type .docx and .pdf) designed specifically for Xylent Antivirus

Credits
