# VGLS/Vigilant Scanner
**vgls** is a Python-based CLI tool for monitoring file integrity, detecting changes, analyzing logs and identifying
potential security threats.
---
## 🚀 Features
- **System Integrity Monitoring**: Detect changes in file content, metadata, and structure. Monitor
directories for unauthorized or suspicious changes (permissions, owner, etc.).
- **Log Analysis** *(In Progress)*: Analyze logs for security threats and anomalies.
---
## 🛠 Installation
```bash
pip install vigilant-scanner
```
---
## 📋 Usage
1. **Initialize Snapshot**
Create a snapshot of the current directory state and store metadata in the database:
```bash
vgls integrity-init <directory>
```

2. **Scan and Compare**
Scan the directory and compare results with the last snapshot:
```bash
vgls integrity-scan <directory>
```

3. **Update the Database**
Update the database with the current state of the directory:
```bash
vgls integrity-update <directory>
```

4. **Log analysis**
Analyze all log files (every file with a `.log` extension) in the provided directory for matches against malicious patterns:
```shell
vgls log-scan <directory>
```
**Work is still in progress.** The current focus is collecting the malicious signatures that will be used here.

---
## ⚙️ How It Works
```bash
# Create database with the current state of a target directory
vgls integrity-init /var/www
# Perform a scan to detect changes
vgls integrity-scan /var/www
# Update the database after legitimate changes are made (for example, after a deployment)
vgls integrity-update /var/www
```
1. **Initialization (`init`)**
- Scans a directory and stores metadata (file path, hash, size, permissions, etc.) in a SQLite database.
2. **Scanning and Comparison (`scan`)**
- Scans the directory again and compares the current state with the stored metadata.
- Outputs new, modified, and deleted files.
3. **Updating the Database (`update`)**
- Updates the database to reflect the latest directory state.
- Inserts new files, updates modified files, and removes deleted files.
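
The init/scan/update cycle described above can be sketched as follows. This is an added example, not vgls's own code: the table layout and the `snapshot`, `init`, `scan` and `demo` names are assumptions, and the files are constructed in a temporary directory.

```python
import hashlib, os, sqlite3, stat, tempfile
from pathlib import Path

def snapshot(root):
    """Return {relative path: (sha256, size, permission bits)} for regular files."""
    state = {}
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            st = os.lstat(full)
            if not stat.S_ISREG(st.st_mode):
                continue  # do not follow symlinks or read special files
            h = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    h.update(chunk)
            rel = os.path.relpath(full, root)
            state[rel] = (h.hexdigest(), st.st_size, stat.S_IMODE(st.st_mode))
    return state

def init(db, root):
    """Store the baseline; re-running it plays the role of the update step."""
    db.execute("CREATE TABLE IF NOT EXISTS files (path PRIMARY KEY, sha256, size, mode)")
    db.execute("DELETE FROM files")
    db.executemany("INSERT INTO files VALUES (?, ?, ?, ?)",
                   [(p, *meta) for p, meta in snapshot(root).items()])
    db.commit()

def scan(db, root):
    """Compare the directory with the stored baseline."""
    old = {r[0]: tuple(r[1:]) for r in db.execute("SELECT * FROM files")}
    new = snapshot(root)
    return {"new": sorted(new.keys() - old.keys()),
            "deleted": sorted(old.keys() - new.keys()),
            "modified": sorted(p for p in new.keys() & old.keys() if new[p] != old[p])}

def demo():
    """Constructed sample: edit one file, chmod one, delete one, add one."""
    with tempfile.TemporaryDirectory() as root:
        for name in ("a.txt", "b.txt", "c.txt"):
            Path(root, name).write_text("original\n")
            Path(root, name).chmod(0o644)
        db = sqlite3.connect(":memory:")
        init(db, root)
        Path(root, "a.txt").write_text("tampered\n")  # same size, new hash
        Path(root, "b.txt").chmod(0o600)              # metadata-only change
        Path(root, "c.txt").unlink()
        Path(root, "d.txt").touch()
        return scan(db, root)
```

Here `a.txt` keeps its size and is caught only by the hash, while `b.txt` keeps its content and is caught only by the permission bits, which is why the baseline stores both.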
---
## 📋 Requirements
- Python 3.10+
---
## 🛠 Development
To contribute or run the tool locally:
1. Clone the repository:
```bash
git clone https://github.com/ivpel/vigilant-scanner.git
```
2. Navigate to the project directory:
```bash
cd vigilant-scanner
```
3. Install dependencies:
```bash
pip install -r requirements.txt
```
4. Run tests:
```bash
pytest
```
---
## 📜 License
This project is licensed under the GNU General Public License v3 or later (GPLv3+). See the [LICENSE](LICENSE) file for details.
---
## 💬 Support
If you encounter any issues, feel free to open a ticket on the [GitHub Bug Tracker](https://github.com/ivpel/vigilant-scanner/issues).
---
## 🔗 Links
- **Homepage**: [Vigilant Scanner on GitHub](https://github.com/ivpel/vigilant-scanner)
- **Bug Tracker**: [Report Issues](https://github.com/ivpel/vigilant-scanner/issues)
Raw data
{
"_id": null,
"home_page": null,
"name": "vigilant-scanner",
"maintainer": null,
"docs_url": null,
"requires_python": ">=3.10",
"maintainer_email": null,
"keywords": "change-detection, directory-scanning, file-integrity, infosec, malware-detection, monitoring, scanning, security",
"author": null,
"author_email": "Pelykh Ivan <ivan.pelykh@protonmail.com>",
"download_url": "https://files.pythonhosted.org/packages/2a/29/765e49422a7f2631275fcbb1850d20bf9b3177f02f68cd4e0544ba3db383/vigilant_scanner-1.0.0.tar.gz",
"platform": null,
"description": "# VGLS/Vigilant Scanner\n\n**vgls** is a Python-based CLI tool for monitoring file integrity, detecting changes, analyzing logs and identifying \npotential security threats. \n\n---\n\n## \ud83d\ude80 Features\n\n- **System Integrity Monitoring**: Detect changes in file content, metadata, and structure. Monitor \ndirectories for unauthorized or suspicious changes (permissions, owner, etc).\n- **Log Analysis** *(In Progress)*: Analyze logs for security threats and anomalies.\n\n---\n\n## \ud83d\udee0 Installation\n\n```bash\npip install vigilant-scanner\n```\n\n---\n\n## \ud83d\udccb Usage\n\n1. **Initialize Snapshot**\n Create a snapshot of the current directory state and store metadata in the database:\n ```bash\n vgls integrity-init <directory>\n ```\n \n\n2. **Scan and Compare**\n Scan the directory and compare results with the last snapshot:\n ```bash\n vgls integrity-scan <directory>\n ```\n \n\n3. **Update the Database**\n Update the database with the current state of the directory:\n ```bash\n vgls update <directory>\n ```\n\n\n4. **Log analysis**\n Analyse all logs (all files with .log extension) in provided directory on matching with malicious patterns.\n ```shell\n vgls log-scan <directory>\n ```\n **Work is still in progress.** Mostly working on malicious signature collection that will be used here.\n\n \n\n---\n\n## \u2699\ufe0f How It Works\n\n```bash\n# Create database with the current state of a target directory\nvgls integrity-init /var/www\n\n# Perform a scan to detect changes\nvgls integrity-scan /var/www\n\n# Update the database after legitimate changes are made (deploy was conducted etc.)\nvgls integrity-update /var/www\n```\n\n1. **Initialization (`init`)**\n - Scans a directory and stores metadata (file path, hash, size, permissions, etc.) in a SQLite database.\n\n2. 
**Scanning and Comparison (`scan`)**\n - Scans the directory again and compares the current state with the stored metadata.\n - Outputs new, modified, and deleted files.\n\n3. **Updating the Database (`update`)**\n - Updates the database to reflect the latest directory state.\n - Inserts new files, updates modified files, and removes deleted files.\n\n---\n\n## \ud83d\udccb Requirements\n\n- Python 3.10+\n\n---\n\n## \ud83d\udee0 Development\n\nTo contribute or run the tool locally:\n\n1. Clone the repository:\n ```bash\n git clone https://github.com/ivpel/vigilant-scanner.git\n ```\n\n2. Navigate to the project directory:\n ```bash\n cd vigilant-scanner\n ```\n\n3. Install dependencies:\n ```bash\n pip install -r requirements.txt\n ```\n\n4. Run tests:\n ```bash\n pytest\n ```\n\n---\n\n## \ud83d\udcdc License\n\nThis project is licensed under the GNU General Public License v3 or later (GPLv3+). See the [LICENSE](LICENSE) file for details.\n\n---\n\n## \ud83d\udcac Support\n\nIf you encounter any issues, feel free to open a ticket on the [GitHub Bug Tracker](https://github.com/ivpel/vigilant-scanner/issues).\n\n---\n\n## \ud83d\udd17 Links\n\n- **Homepage**: [Vigilant Scanner on GitHub](https://github.com/ivpel/vigilant-scanner)\n- **Bug Tracker**: [Report Issues](https://github.com/ivpel/vigilant-scanner/issues)\n\n",
"bugtrack_url": null,
"license": null,
"summary": "A CLI tool for monitoring file integrity, detecting changes, analyzing logs and identifying potential security threats.",
"version": "1.0.0",
"project_urls": {
"Bug Tracker": "https://github.com/ivpel/vigilant-scanner/issues",
"Homepage": "https://github.com/ivpel/vigilant-scanner"
},
"split_keywords": [
"change-detection",
" directory-scanning",
" file-integrity",
" infosec",
" malware-detection",
" monitoring",
" scanning",
" security"
],
"urls": [
{
"comment_text": null,
"digests": {
"blake2b_256": "f4d8443d9908a5d4b3b80785c94a7116853424d880dc2eb1033d18126d45e23c",
"md5": "84ca01324ef084b7066a3f4ba6575767",
"sha256": "4020e8e101ec7b416edf694be165c41d2ed21516360ec88d01aab01b5c1b9e8a"
},
"downloads": -1,
"filename": "vigilant_scanner-1.0.0-py3-none-any.whl",
"has_sig": false,
"md5_digest": "84ca01324ef084b7066a3f4ba6575767",
"packagetype": "bdist_wheel",
"python_version": "py3",
"requires_python": ">=3.10",
"size": 22238,
"upload_time": "2025-01-26T19:30:07",
"upload_time_iso_8601": "2025-01-26T19:30:07.298950Z",
"url": "https://files.pythonhosted.org/packages/f4/d8/443d9908a5d4b3b80785c94a7116853424d880dc2eb1033d18126d45e23c/vigilant_scanner-1.0.0-py3-none-any.whl",
"yanked": false,
"yanked_reason": null
},
{
"comment_text": null,
"digests": {
"blake2b_256": "2a29765e49422a7f2631275fcbb1850d20bf9b3177f02f68cd4e0544ba3db383",
"md5": "8af5d816fdc5de7c25cb0a1be6516349",
"sha256": "b22f12e4acf0eb5645d46a41fcec8ae10beecae3cc0230d809e6576efe00c3c0"
},
"downloads": -1,
"filename": "vigilant_scanner-1.0.0.tar.gz",
"has_sig": false,
"md5_digest": "8af5d816fdc5de7c25cb0a1be6516349",
"packagetype": "sdist",
"python_version": "source",
"requires_python": ">=3.10",
"size": 401401,
"upload_time": "2025-01-26T19:30:10",
"upload_time_iso_8601": "2025-01-26T19:30:10.428379Z",
"url": "https://files.pythonhosted.org/packages/2a/29/765e49422a7f2631275fcbb1850d20bf9b3177f02f68cd4e0544ba3db383/vigilant_scanner-1.0.0.tar.gz",
"yanked": false,
"yanked_reason": null
}
],
"upload_time": "2025-01-26 19:30:10",
"github": true,
"gitlab": false,
"bitbucket": false,
"codeberg": false,
"github_user": "ivpel",
"github_project": "vigilant-scanner",
"travis_ci": false,
"coveralls": false,
"github_actions": false,
"lcname": "vigilant-scanner"
}