WillKirkmanM/security

ParsonLabs Music

Cybersecurity File Analysis & Watching

Features

  • Directory Monitoring: Uses the notify crate to watch a specified directory for new files.
  • Hash-Based Detection: Calculates the SHA-256 hash of new files.
  • Suspicious Hash Checking: Compares the file's hash against a hard-coded list of "known bad" hashes.

How to Run

  1. Clone the repository.
  2. Create a folder to monitor: mkdir monitored_folder
  3. Run the application: cargo run
  4. Test it: In another terminal, create a file in the monitored folder.
    • To trigger a "clean" detection: echo "hello" > monitored_folder/test.txt
    • To trigger a "suspicious" detection (this creates an empty file, whose hash is in our blocklist): touch monitored_folder/malicious_file.exe
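
The check from step 4, as an added shell example that is not part of the repository's code: it hashes a file with `sha256sum` and compares the digest against a one-entry blocklist. The function names and the `BLOCKLIST` variable are assumptions made for this example; the single entry is the SHA-256 of empty input, which is why the `touch` command above is reported as suspicious.

```shell
#!/bin/sh
# Added example: classify files the way step 4 of the README describes.
# BLOCKLIST is constructed for this example. Its one entry is the SHA-256
# of zero bytes of input, i.e. the digest of any empty file.
BLOCKLIST="e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855"

# Print the lowercase hex SHA-256 of a regular, readable file.
# Reading via stdin keeps odd file names out of sha256sum's argument list.
file_sha256() {
    [ -f "$1" ] && [ -r "$1" ] || return 1
    sha256sum < "$1" | cut -d' ' -f1
}

# Print "suspicious", "clean" or "error" for one path.
classify_file() {
    digest=$(file_sha256 "$1") || { echo "error"; return 2; }
    for bad in $BLOCKLIST; do
        if [ "$digest" = "$bad" ]; then
            echo "suspicious"
            return 0
        fi
    done
    echo "clean"
}

# Recreate step 4 in a throwaway directory and classify each file,
# plus one path that does not exist.
demo() {
    dir=$(mktemp -d) || return 1
    echo "hello" > "$dir/test.txt"
    touch "$dir/malicious_file.exe"
    for f in "$dir/test.txt" "$dir/malicious_file.exe" "$dir/missing"; do
        printf '%s: %s\n' "${f##*/}" "$(classify_file "$f")"
    done
    rm -rf "$dir"
}

demo
```

The match is on file content only, so the `.exe` name plays no part in the result: any empty file is flagged, and a file that differs by a single byte from a listed sample is not.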

Educational Goals

This project demonstrates:

  • Filesystem interaction in Rust.
  • Use of external crates for specific functionality (notify).
  • Cryptographic hashing for file integrity and signature matching (sha2).
  • Basic principles of signature-based malware detection.
