Skip to content

ivpel/vigilant-scanner

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

20 Commits
docs
docs
 
 
src/vigilant_scanner
src/vigilant_scanner
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pyproject.toml
pyproject.toml
 
 

Repository files navigation

VGLS/Vigilant Scanner

vgls is a Python-based CLI tool for monitoring file integrity, detecting changes, analyzing logs and identifying potential security threats.

🚀 Features

  • System Integrity Monitoring: Detect changes in file content, metadata, and structure. Monitor directories for unauthorized or suspicious changes (permissions, owner, etc).
  • Log Analysis (In Progress): Analyze logs for security threats and anomalies.

🛠 Installation

pip install vigilant-scanner

📋 Usage

  1. Initialize Snapshot Create a snapshot of the current directory state and store metadata in the database:

    vgls integrity-init <directory>

    Alt Text

  2. Scan and Compare Scan the directory and compare results with the last snapshot:

    vgls integrity-scan <directory>

    Alt Text

  3. Update the Database Update the database with the current state of the directory:

    vgls integrity-update <directory>

Alt Text

  1. Log analysis Analyse all logs (all files with .log extension) in provided directory on matching with malicious patterns. 
    vgls log-scan <directory>
    Work is still in progress. Mostly working on malicious signature collection that will be used here. Alt Text

⚙️ How It Works

# Create database with the current state of a target directory
vgls integrity-init /var/www

# Perform a scan to detect changes
vgls integrity-scan /var/www

# Update the database after legitimate changes are made (deploy was conducted etc.)
vgls integrity-update /var/www

  1. Initialization (init)

    • Scans a directory and stores metadata (file path, hash, size, permissions, etc.) in a SQLite database.

  2. Scanning and Comparison (scan)

    • Scans the directory again and compares the current state with the stored metadata.
    • Outputs new, modified, and deleted files.

  3. Updating the Database (update)

    • Updates the database to reflect the latest directory state.
    • Inserts new files, updates modified files, and removes deleted files.

📋 Requirements

  • Python 3.10+

🛠 Development

To contribute or run the tool locally:

  1. Clone the repository:

    git clone https://github.com/ivpel/vigilant-scanner.git

  2. Navigate to the project directory:

    cd vigilant-scanner

  3. Install dependencies:

    pip install .
# for development
pip install -e ".[dev]"

  4. Run tests:

    pytest

📜 License

This project is licensed under the GNU General Public License v3 or later (GPLv3+). See the LICENSE file for details.

💬 Support

If you encounter any issues, feel free to open a ticket on the GitHub Bug Tracker.

🔗 Links

About

A CLI tool for monitoring file integrity, detecting changes, analyzing logs and identifying potential security threats.

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 4

1.0.3 Latest
Feb 2, 2026
+ 3 releases

Packages

 
 
 

Contributors

Languages