How to download Python files, detect execution

Asked 2 years ago, Updated 2 years ago, 22 views

I want to make a simple vaccine using Python

Is there a way to catch when a file with an executable extension runs, or when a file with an executable extension is newly downloaded and stored on your PC?

python

2022-09-22 11:03

1 Answers

It's hard to catch files being created and deleted on the os only with python.

Based on Windows, you eventually need a file system filter driver.

This means that you need to know if the file on the os has been created, so you need to work in the kernel area. This means that you need to detect not only the creation of files, but also modifications and changes.

In summary, it is possible to detect malicious code itself only with Python, but to know events such as file creation, change, and deletion, consider that it is a filter driver in the kernel area, and this is another system programming area.

2022-09-22 11:03

If you have any answers or tips

Popular Tags
python x 4647
android x 1593
java x 1494
javascript x 1427
c x 927
c++ x 878
ruby-on-rails x 696
php x 692
python3 x 685
html x 656
Popular Questions

561 Uncaught (inpromise) Error on Electron: An object could not be cloned

555 rails db:create error: Could not find mysql2-0.5.4 in any of the sources

796 When building Fast API+Uvicorn environment with PyInstaller, console=False results in an error

556 Understanding How to Configure Google API Key

992 In Java servlet, when SHA-256 sends WW-Authenticate header for digest authentication, the client does not return the result.

© 2024 OneMinuteCode. All rights reserved.