evilsocket / Ergo Pe Av

Licence: other
🧠 🦠 An artificial neural network and API to detect Windows malware, based on Ergo and LIEF.

Programming Languages

python
139335 projects - #7 most used programming language

Projects that are alternatives of or similar to Ergo Pe Av

Fidl
A sane API for IDA Pro's decompiler. Useful for malware RE and vulnerability research
Stars: ✭ 319 (+145.38%)
Mutual labels:  api, malware
Thefatrat
Thefatrat, a massive exploitation tool: an easy tool to generate backdoors and to carry out post-exploitation attacks such as browser attacks. This tool compiles malware with a popular payload; the compiled malware can then be executed on Windows, Android and Mac. The malware created with this tool also has the ability to bypass most AV softw…
Stars: ✭ 5,944 (+4472.31%)
Mutual labels:  malware, antivirus
Phpmussel
PHP-based anti-virus anti-trojan anti-malware solution.
Stars: ✭ 337 (+159.23%)
Mutual labels:  malware, antivirus
MalwareHashDB
Malware hashes for open source projects.
Stars: ✭ 31 (-76.15%)
Mutual labels:  malware, antivirus
Malice
VirusTotal Wanna Be - Now with 100% more Hipster
Stars: ✭ 1,253 (+863.85%)
Mutual labels:  malware, antivirus
Yobi
Yara Based Detection Engine for web browsers
Stars: ✭ 39 (-70%)
Mutual labels:  malware, antivirus
Hacktheworld
A Python script for generating payloads that bypass all antivirus so far.
Stars: ✭ 527 (+305.38%)
Mutual labels:  malware, antivirus
Defeat-Defender-V1.2
Powerful batch script to dismantle complete Windows Defender protection and even bypass tamper protection. Disables Windows Defender permanently. Hack Windows. POC
Stars: ✭ 885 (+580.77%)
Mutual labels:  malware, antivirus
Php Malware Finder
Detect potentially malicious PHP files
Stars: ✭ 1,245 (+857.69%)
Mutual labels:  malware, antivirus
Keras object detection
Convert any classification model or architecture trained in keras to an object detection model
Stars: ✭ 28 (-78.46%)
Mutual labels:  api, gpu
MSE
Malware sample exchange system and API intended for Anti-Virus companies and researchers.
Stars: ✭ 14 (-89.23%)
Mutual labels:  malware, antivirus
Green Hat Suite
Green-hat-suite is a tool to generate a meterpreter/shell that can evade antivirus.
Stars: ✭ 112 (-13.85%)
Mutual labels:  malware, antivirus
fake-sandbox
👁‍🗨 This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.
Stars: ✭ 110 (-15.38%)
Mutual labels:  malware, antivirus
Bmw Tensorflow Inference Api Gpu
This is a repository for an object detection inference API using the Tensorflow framework.
Stars: ✭ 277 (+113.08%)
Mutual labels:  api, gpu
malice-av
Malice AntiVirus Plugins
Stars: ✭ 98 (-24.62%)
Mutual labels:  malware, antivirus
Multiscanner
Modular file scanning/analysis framework
Stars: ✭ 494 (+280%)
Mutual labels:  malware, antivirus
JustEvadeBro
JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses.
Stars: ✭ 63 (-51.54%)
Mutual labels:  malware, antivirus
Batch-Antivirus
Batch Antivirus, a powerful antivirus suite written in batch with real-time protection and heuristic scanning.
Stars: ✭ 26 (-80%)
Mutual labels:  malware, antivirus
Neanderthal
Fast Clojure Matrix Library
Stars: ✭ 927 (+613.08%)
Mutual labels:  api, gpu
Arsenal
Extensible Red Team Framework
Stars: ✭ 99 (-23.85%)
Mutual labels:  api, malware

An artificial neural network and API to detect Windows malware, based on Ergo and LIEF.

Installation

cd /path/to/ergo-pe-av
sudo pip3 install -r requirements.txt

Use as an API

ergo serve /path/to/ergo-pe-av --classes "clean, malware"

From the client, to scan a file that the server can access too:

curl "http://localhost:8080/?x=/path/to/file.exe"
# or
curl --data "x=/path/to/file.exe" "http://localhost:8080/"

To upload the whole file:

curl -F "x=@/path/to/file.exe" "http://localhost:8080/"

To encode a file to a vector of raw features:

curl -F "x=@/path/to/file.exe" "http://localhost:8080/encode"

To scan a vector of raw features:

curl --data "x=0.0,0.0,0.0,0.0,0.0,0.0,0.0,1.0,1.0,0.0,0.0,0.847058823529,......" "http://localhost:8080/"

Model Statistics

The dataset is made of ~200000 samples divided into two subfolders:

  • classes/pe-malicious with 100000 malware samples from VirusTotal
  • classes/pe-clean with 100000 clean samples

The dataset.csv training file has been generated with:

ergo encode ergo-pe-av /media/evilsocket/4TB/datapath-pe/classes --filter "*.exe"

Training ROC/AUC plot (training, validation and testing curves)

License

Made with ♥ by the dev team and released under the GPL 3 license.