Inspiration

I am a Computer Science major with a concentration in Cyber Security, and I was looking to create something related to the field of Cyber Security.

What it does

On the first scan (either a full scan or a quick scan), the script iterates through a specified directory, calculates the SHA-256 hash of each file, records the date on which each file was last accessed, and stores this information in an archive along with the file name and the directory it belongs to. On the second scan, the script compares the previous scan's archive with the new scan's archive, detects any differences between the two, and writes that information to a formatted log file.
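The scan-and-compare cycle described above, as an added example that is not the project's own code (it has no GUI, and the function names `scan`, `compare`, `diff_log` and `demo` are assumptions). It decides what changed by hash alone, because reading a file in order to hash it can update its access time, and it records unreadable files instead of skipping them.

```python
import difflib
import hashlib
import tempfile
from pathlib import Path

def scan(root):
    """Map relative path -> (sha256 hex digest, last-access time)."""
    archive = {}
    for path in filter(Path.is_file, Path(root).rglob("*")):
        rel = path.relative_to(root).as_posix()
        try:
            # Read atime before hashing: reading the file can itself update it.
            atime = int(path.stat().st_atime)
            digest = hashlib.sha256()
            with open(path, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            archive[rel] = (digest.hexdigest(), atime)
        except OSError:
            # Unreadable without privileges: record it rather than skip it.
            archive[rel] = ("UNREADABLE", 0)
    return archive

def to_lines(archive):
    return [f"{p}  sha256={h}  atime={a}" for p, (h, a) in sorted(archive.items())]

def compare(old, new):
    """Return (added, removed, modified) paths, judged by hash only."""
    added = sorted(set(new) - set(old))
    removed = sorted(set(old) - set(new))
    modified = sorted(p for p in set(old) & set(new) if old[p][0] != new[p][0])
    return added, removed, modified

def diff_log(old, new):
    """Unified diff of the two archives, as text for a log file."""
    return "\n".join(difflib.unified_diff(
        to_lines(old), to_lines(new), "last_scan", "new_scan", lineterm=""))

def demo():
    """Constructed sample tree: one file modified, one removed, one added."""
    with tempfile.TemporaryDirectory() as root:
        for name, data in (("a.txt", b"alpha"), ("b.txt", b"beta"), ("c.txt", b"gamma")):
            Path(root, name).write_bytes(data)
        first = scan(root)
        Path(root, "b.txt").write_bytes(b"tampered")
        Path(root, "c.txt").unlink()
        Path(root, "d.txt").write_bytes(b"new")
        second = scan(root)
    return compare(first, second), diff_log(first, second)
```

An archive kept on the same host it monitors can be rewritten by whoever changed the files, so the baseline is only trustworthy if it is stored somewhere the monitored system cannot modify.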

How I built it

I built this script utilizing several Python libraries including PyQt5, os, hashlib, and difflib.

Challenges I ran into

The main challenge that I ran into is that you have to run the script using the sudo command for the script to calculate the sums properly.

Accomplishments that I'm proud of

I'm proud that I was able to integrate a user interface into the program instead of just having a command line interface.

What I learned

I learned about a really useful Python library, "difflib", which helped speed up not only formatting the log file, but also checking the differences between archives.

What's next for Intrusion Detection System

At this point I may decide to extend the IDS to include specific files and folders which are important to protect; examples include the shadow file for Linux and the .rchosts file, which allows for remote connections into a system.
