Releases: im0d00/ransomwareshield
v1.0.0 — Initial Release
🛡️ RansomwareShield v1.0.0 — Initial Release
The first official release of RansomwareShield, a Python-based ransomware detection and prevention tool that monitors file system activity for suspicious behavior patterns commonly associated with ransomware attacks.
✨ Features
- Real-time File System Monitoring — Watches directories for suspicious file operations such as mass file renaming, rapid encryption-like modifications, and deletion patterns.
- Entropy Analysis — Detects high-entropy file content changes that may indicate encryption activity.
- Configurable Monitoring Rules — Customize watched directories, file extensions, and detection thresholds via YAML configuration.
- Alert & Response Actions — Configurable responses including logging, notifications, and process termination.
- Command-Line Interface — Monitor directories directly from the terminal.
- Python API — Programmatic access for seamless integration into existing security workflows.
- Lightweight & Extensible — Minimal dependencies with a modular architecture for adding custom detection rules.
🚀 Quick Start
Install
```bash
git clone https://github.com/im0d00/ransomwareshield.git
cd ransomwareshield
pip install -e .
```
CLI
```bash
ransomwareshield --watch /path/to/directory
```
Python
```python
from ransomwareshield import RansomwareShield
shield = RansomwareShield()
shield.monitor("/path/to/protected/directory")
shield.start()
```
⚙️ Configuration
| Option | Description | Default |
|---|---|---|
| `watch_directories` | Directories to monitor | `["."]` |
| `file_extensions` | File extensions to watch (empty = all) | `[]` |
| `entropy_threshold` | Entropy level to flag as suspicious (0.0–8.0) | `7.5` |
| `max_changes_per_second` | Max file changes/sec before alerting | `10` |
| `action` | Response action (log, alert, kill_process) | `log` |
| `log_file` | Path to log file | `ransomwareshield.log` |
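
To show what the `entropy_threshold` and `max_changes_per_second` defaults measure, here is an added sketch that is not RansomwareShield's own code. It assumes Shannon entropy in bits per byte (which matches the 0.0–8.0 range), a one-second sliding window, and a before/after comparison so that already-compressed files do not trigger; all function and class names are hypothetical.

```python
import math
import os
from collections import Counter, deque

ENTROPY_THRESHOLD = 7.5        # page default for entropy_threshold
MAX_CHANGES_PER_SECOND = 10    # page default for max_changes_per_second


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 (constant) to 8.0 (uniform)."""
    if not data:
        return 0.0
    total = len(data)
    return -sum((n / total) * math.log2(n / total) for n in Counter(data).values())


class ChangeRateWindow:
    """Counts change events inside a sliding time window (assumed: 1 second)."""

    def __init__(self, limit: int = MAX_CHANGES_PER_SECOND, window: float = 1.0):
        self.limit = limit
        self.window = window
        self.events = deque()

    def record(self, timestamp: float) -> bool:
        """Record one change; return True when the rate exceeds the limit."""
        self.events.append(timestamp)
        while self.events and timestamp - self.events[0] >= self.window:
            self.events.popleft()
        return len(self.events) > self.limit


def is_suspicious_write(before: bytes, after: bytes,
                        threshold: float = ENTROPY_THRESHOLD) -> bool:
    """Flag a modification whose new content crosses the threshold
    while the old content did not (already-compressed files stay quiet)."""
    return shannon_entropy(after) >= threshold > shannon_entropy(before)


# Constructed sample data: plain text, and random bytes standing in for ciphertext.
PLAINTEXT = b"Quarterly report: revenue up, costs flat.\n" * 200
CIPHERTEXT_LIKE = os.urandom(64 * 1024)
```

Very small files give unreliable entropy estimates, so a detector built this way would normally combine the entropy signal with the change-rate signal rather than alert on either alone.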
📖 Documentation & Examples
- 📘 Detailed Guide — Comprehensive documentation covering all configuration options, detection mechanisms, API reference, CLI reference, and architecture overview.
- 📄 Example Configuration
- 🐍 Basic Usage Example
- 🔧 Custom Rules Example
📋 Requirements
- Python 3.8+
📄 License
This project is licensed under the MIT License.