MaintainTeam/Hypatia
1
0
Fork 0
mirror of https://github.com/MaintainTeam/Hypatia.git synced 2025-02-28 21:38:21 +03:00
Code Issues Projects Releases Packages Wiki Activity Actions
A realtime malware scanner
110 commits 3 branches 83 tags 4.9 MiB
Java 94%
Shell 5.3%
Makefile 0.7%
Find a file
Tad bc7fef6235 Fix another typo 
https://gitlab.com/divested-mobile/hypatia/-/issues/1#note_508235073
2021-02-12 16:58:22 -05:00
.idea Enable the German translation 2021-02-02 09:11:31 -05:00
app Fix another typo 2021-02-12 16:58:22 -05:00
gradle/wrapper Update dependencies 2021-02-02 09:03:25 -05:00
scripts Add reference scripts for generating the databases 2021-01-20 12:48:11 -05:00
.gitignore Initial commit 2017-12-13 22:44:56 -05:00
build.gradle Update dependencies 2021-02-02 09:03:25 -05:00
gradle.properties AndroidX migration 2019-02-12 16:31:11 -05:00
gradlew Initial commit 2017-12-13 22:44:56 -05:00
gradlew.bat Initial commit 2017-12-13 22:44:56 -05:00
LICENSE Update license 2019-05-09 06:45:07 -04:00
README.de.md Add the German README, credit Petra Mirelli 2021-02-02 08:11:32 -05:00
README.md Update credits 2021-02-02 09:53:22 -05:00
settings.gradle Bump app version 2017-12-26 18:54:57 -05:00

README.md

Hypatia

Overview

Hypatia is the worlds first FOSS malware scanner for Android. It is powered by ClamAV style signature databases.

Features

  • Near zero battery impact: you'll never notice any impact on battery at all
  • Extremely fast: it can scan small files (1MB) in <20ms, and even large files (40MB) in 1000ms.
  • Memory efficient: with the default databases enabled it uses under 120MB.
  • Regular scan: allowing selection of /system, internal storage, external storage, and installed apps
  • Realtime scanner: can detect malware in realtime on write/rename in internal storage
  • Completely offline: Internet is only used to download signature databases, files will never ever leave your device
  • Persistence: will automatically restart on boot/update
  • Tiny codebase: coming in at under 1000 sloc, it can be audited by even someone with basic programming experience
  • Minimal dependencies: the app only uses libraries when necessary
  • Signature databases can be enabled/disabled at the users demand

Technical Details

  • Signature databases are ClamAV .hdb (MD5 hashes) and .hsb (SHA-1/SHA-256) format
  • Signature databases will not be redownloaded if the file hasn't changed on the server (304 not modified)
  • Signatures are stored using HashMaps for O(1) lookup
  • Files have their MD5/SHA-1/SHA-256 hashes calculated in one pass
  • Realtime scanner is multithreaded and will use half of the device's core count for scanning multiple files asynchronously
  • Realtime scanning powered by a recursive FileObserver
  • Network connections will be made to the following: https://divested.dev/MalwareScannerSignatures/{.api,.hb.gz}

Planned Updates

  • Option to scan on access
  • Option to quarantine/delete on detection
  • Scan files via share intent
  • Scan newly installed/updated apps
  • Better GUI
  • Translations
  • Scanning entire system using root (low priority)

Goals

  • Be fast
  • Don't eat batteries
  • Use minimal permissions
  • Use libraries only when necessary

Credits

  • ClamAV for the databases (GPLv2)
  • ESET for extra databases (BSD 2-Clause)
  • RecursiveFileObserver.java (GPLv3): Daniel Gultsch, ownCloud Inc., Bartek Przybylski
  • Petra Mirelli for the German Translations
  • Icons (Apache-2.0): Google/Android/AOSP

Notices

  • Divested Computing Group is not affiliated with Cisco or ESET
  • Hypatia is not sponsored or endorsed by Cisco or ESET