sps-security 1.0.0__tar.gz

sps_security-1.0.0/LICENSE

@@ -0,0 +1,5 @@
+MIT License
+
+Copyright (c) 2026 Samuel Pontes
+
+Permission is hereby granted, free of charge, to any person obtaining a copy...

sps_security-1.0.0/PKG-INFO

@@ -0,0 +1,14 @@
+Metadata-Version: 2.4
+Name: sps-security
+Version: 1.0.0
+Summary: Malware detection tool
+Author: Samuel Pontes
+Requires-Python: >=3.8
+License-File: LICENSE
+Requires-Dist: tqdm
+Requires-Dist: colorama
+Dynamic: author
+Dynamic: license-file
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary

sps_security-1.0.0/README.md

@@ -0,0 +1,32 @@
+# 🛡️ SPS-SECURITY
+
+### Lightweight Malware Detection Tool
+
+![Python](https://img.shields.io/badge/Python-3.x-blue)
+![Security](https://img.shields.io/badge/Security-Malware%20Scanner-green)
+![Status](https://img.shields.io/badge/Status-Active-brightgreen)
+
+---
+
+SPS-SECURITY is an open-source malware detection tool created for learning cybersecurity concepts.
+
+It scans files and directories looking for malware using multiple detection engines.
+
+---
+
+## 🔍 Features
+
+- Hash-based malware detection
+- Signature detection
+- Heuristic detection
+- Binary scanning
+- Multithread scanning
+- Quarantine system
+- JSON scan reports
+- CLI interface
+
+---
+
+## ⚡ Usage
+
+Scan a folder:

sps_security-1.0.0/setup.cfg

@@ -0,0 +1,4 @@
+[egg_info]
+tag_build = 
+tag_date = 0
+

sps_security-1.0.0/setup.py

@@ -0,0 +1,19 @@
+from setuptools import setup, find_packages
+
+setup(
+    name="sps-security",
+    version="1.0.0",
+    author="Samuel Pontes",
+    description="Malware detection tool",
+    packages=find_packages(),
+    install_requires=[
+        "tqdm",
+        "colorama",
+    ],
+    entry_points={
+        "console_scripts": [
+            "sps=sps_security.cli:run",
+        ],
+    },
+    python_requires=">=3.8",
+)

sps_security-1.0.0/sps_security/cli.py

@@ -0,0 +1,27 @@
+import argparse
+from sps_security.core.scanner import scan_folder
+
+def load_file(path):
+
+    try:
+        with open(path) as f:
+            return [line.strip() for line in f if line.strip()]
+    except:
+        return []
+
+def run():
+
+    parser = argparse.ArgumentParser(description="SPS Security Scanner")
+
+    parser.add_argument("command", help="scan")
+    parser.add_argument("target", help="folder or file")
+
+    args = parser.parse_args()
+
+    signatures = load_file("sps_security/database/signatures.txt")
+    hashes = load_file("sps_security/database/malware_hash_db.txt")
+
+    patterns = signatures
+
+    if args.command == "scan":
+        scan_folder(args.target, signatures, hashes, patterns)

sps_security-1.0.0/sps_security/core/binary_engine.py

@@ -0,0 +1,23 @@
+from colorama import Fore
+
+def binary_scan(file, patterns):
+
+    try:
+
+        with open(file, "rb") as f:
+
+            data = f.read()
+
+        text = data.decode("latin-1", errors="ignore")
+
+        for p in patterns:
+
+            if p in text:
+
+                print(Fore.YELLOW + f"[BINARY ALERT] {p} in {file}")
+                return True
+
+    except:
+        pass
+
+    return False

sps_security-1.0.0/sps_security/core/hash_engine.py

@@ -0,0 +1,15 @@
+from sps_security.utils.hashing import get_hash
+from colorama import Fore
+
+def hash_scan(file, malware_hashes):
+
+    file_hash = get_hash(file)
+
+    if file_hash in malware_hashes:
+
+        print(Fore.RED + f"[HASH ALERT] {file}")
+        print(Fore.YELLOW + f"SHA256: {file_hash}")
+
+        return True
+
+    return False

sps_security-1.0.0/sps_security/core/heuristic_engine.py

@@ -0,0 +1,30 @@
+from colorama import Fore
+
+HEURISTIC_PATTERNS = [
+    "powershell -enc",
+    "cmd.exe /c",
+    "nc -e",
+    "wget http",
+    "curl http",
+    "base64 -d"
+]
+
+def heuristic_scan(file):
+
+    try:
+
+        with open(file, "r", errors="ignore") as f:
+
+            content = f.read()
+
+            for pattern in HEURISTIC_PATTERNS:
+
+                if pattern in content:
+
+                    print(Fore.YELLOW + f"[HEURISTIC ALERT] {pattern} in {file}")
+                    return True
+
+    except:
+        pass
+
+    return False

sps_security-1.0.0/sps_security/core/scanner.py

@@ -0,0 +1,88 @@
+import os
+from concurrent.futures import ThreadPoolExecutor
+from tqdm import tqdm
+
+from sps_security.core.hash_engine import hash_scan
+from sps_security.core.signature_engine import signature_scan
+from sps_security.core.heuristic_engine import heuristic_scan
+from sps_security.core.binary_engine import binary_scan
+from sps_security.utils.quarantine import quarantine
+from sps_security.utils.logger import log
+
+# extensões ignoradas
+IGNORE_EXT = (".py", ".pyc")
+
+# pastas ignoradas
+IGNORE_DIRS = ["quarantine", "__pycache__", "database"]
+
+
+def scan_file(file, signatures, hashes, patterns):
+
+    # ignorar arquivos de código
+    if file.endswith(IGNORE_EXT):
+        return False
+
+    try:
+
+        # HASH detection
+        if hash_scan(file, hashes):
+            log(f"HASH DETECTED: {file}")
+            quarantine(file)
+            return True
+
+        # SIGNATURE detection
+        if signature_scan(file, signatures):
+            log(f"SIGNATURE DETECTED: {file}")
+            quarantine(file)
+            return True
+
+        # HEURISTIC detection
+        if heuristic_scan(file):
+            log(f"HEURISTIC DETECTED: {file}")
+            return True
+
+        # BINARY detection
+        if file.endswith((".exe", ".dll", ".apk", ".bin")):
+            if binary_scan(file, patterns):
+                log(f"BINARY DETECTED: {file}")
+                return True
+
+    except Exception as e:
+        log(f"ERROR scanning {file}: {e}")
+
+    return False
+
+
+def scan_folder(folder, signatures, hashes, patterns):
+
+    files = []
+
+    for root, dirs, names in os.walk(folder):
+
+        # remover diretórios ignorados
+        dirs[:] = [d for d in dirs if d not in IGNORE_DIRS]
+
+        for name in names:
+            files.append(os.path.join(root, name))
+
+    print("\n[SCAN] Starting analysis...\n")
+
+    threats = []
+
+    with ThreadPoolExecutor() as executor:
+
+        results = list(
+            tqdm(
+                executor.map(lambda f: scan_file(f, signatures, hashes, patterns), files),
+                total=len(files)
+            )
+        )
+
+    for i, result in enumerate(results):
+
+        if result:
+            threats.append(files[i])
+
+    print("\n[RESULT]")
+    print("Files scanned:", len(files))
+    print("Threats found:", len(threats))

sps_security-1.0.0/sps_security/core/signature_engine.py

@@ -0,0 +1,21 @@
+from colorama import Fore
+
+def signature_scan(file, signatures):
+
+    try:
+
+        with open(file, "r", errors="ignore") as f:
+
+            content = f.read()
+
+            for sig in signatures:
+
+                if sig in content:
+
+                    print(Fore.RED + f"[SIGNATURE ALERT] {sig} in {file}")
+                    return True
+
+    except:
+        pass
+
+    return False

sps_security-1.0.0/sps_security/utils/hashing.py

@@ -0,0 +1,17 @@
+import hashlib
+
+def get_hash(file):
+
+    sha256 = hashlib.sha256()
+
+    try:
+
+        with open(file, "rb") as f:
+
+            for chunk in iter(lambda: f.read(4096), b""):
+                sha256.update(chunk)
+
+        return sha256.hexdigest()
+
+    except:
+        return None

sps_security-1.0.0/sps_security/utils/logger.py

@@ -0,0 +1,17 @@
+import logging
+import os
+
+LOG_DIR = "logs"
+LOG_FILE = os.path.join(LOG_DIR, "scan.log")
+
+if not os.path.exists(LOG_DIR):
+    os.mkdir(LOG_DIR)
+
+logging.basicConfig(
+    filename=LOG_FILE,
+    level=logging.INFO,
+    format="%(asctime)s - %(levelname)s - %(message)s"
+)
+
+def log(message):
+    logging.info(message)

sps_security-1.0.0/sps_security/utils/quarantine.py

@@ -0,0 +1,19 @@
+import os
+import shutil
+from colorama import Fore
+
+QUARANTINE_FOLDER = "quarantine"
+
+def quarantine(file):
+
+    if not os.path.exists(QUARANTINE_FOLDER):
+        os.mkdir(QUARANTINE_FOLDER)
+
+    try:
+
+        shutil.move(file, QUARANTINE_FOLDER)
+
+        print(Fore.MAGENTA + f"[QUARANTINE] {file}")
+
+    except:
+        pass

sps_security-1.0.0/sps_security.egg-info/PKG-INFO

@@ -0,0 +1,14 @@
+Metadata-Version: 2.4
+Name: sps-security
+Version: 1.0.0
+Summary: Malware detection tool
+Author: Samuel Pontes
+Requires-Python: >=3.8
+License-File: LICENSE
+Requires-Dist: tqdm
+Requires-Dist: colorama
+Dynamic: author
+Dynamic: license-file
+Dynamic: requires-dist
+Dynamic: requires-python
+Dynamic: summary

sps_security-1.0.0/sps_security.egg-info/SOURCES.txt

@@ -0,0 +1,22 @@
+LICENSE
+README.md
+setup.py
+sps_security/__init__.py
+sps_security/cli.py
+sps_security.egg-info/PKG-INFO
+sps_security.egg-info/SOURCES.txt
+sps_security.egg-info/dependency_links.txt
+sps_security.egg-info/entry_points.txt
+sps_security.egg-info/requires.txt
+sps_security.egg-info/top_level.txt
+sps_security/core/__init__.py
+sps_security/core/binary_engine.py
+sps_security/core/hash_engine.py
+sps_security/core/heuristic_engine.py
+sps_security/core/scanner.py
+sps_security/core/signature_engine.py
+sps_security/database/__init__.py
+sps_security/utils/__init__.py
+sps_security/utils/hashing.py
+sps_security/utils/logger.py
+sps_security/utils/quarantine.py

sps_security-1.0.0/sps_security.egg-info/dependency_links.txt

@@ -0,0 +1 @@
+

sps_security-1.0.0/sps_security.egg-info/entry_points.txt

@@ -0,0 +1,2 @@
+[console_scripts]
+sps = sps_security.cli:run

sps_security-1.0.0/sps_security.egg-info/requires.txt

@@ -0,0 +1,2 @@
+tqdm
+colorama

sps_security-1.0.0/sps_security.egg-info/top_level.txt

@@ -0,0 +1 @@
+sps_security