A final-year cybersecurity project — light, dynamic, and built for precision.
Continuously monitors file activity and system behavior to detect threats as they emerge.
Advanced AV engine learns and adapts to new malware and ransomware via custom designed rules.
Runs silently in the background without slowing down your PC.
Utilizes YARA’s capability to categorize files based on detected characteristics, aiding in threat analysis and incident response.
Black Swan Antivirus is a final-year cybersecurity project built using the YARA engine. It provides real-time malware detection, rule-based scanning, and a lightweight GUI. The core scanning engine (engine.c) is written in C, optimized for speed and low system resource usage.
The GUI is powered by Python (Tkinter), and integrates seamlessly with YARA for executing dynamic detection rules. This ensures the tool remains both powerful and user-friendly.
All four EICAR test files were successfully flagged, confirming the engine's effectiveness in identifying known malware signatures.
Detailed detection logs recorded file paths, types, and threat levels — enhancing traceability and threat insight.
Custom YARA rules executed with no false positives, validating the accuracy and reliability of the detection engine.
Handles core file scanning operations with minimal memory footprint and high execution speed.
Implements the GUI layer and manages rule parsing, scan controls, and user interaction logic.
Used for writing and executing rules that classify and detect malware based on file content signatures.
Code hosted publicly for collaboration, version control, and open-source distribution of the project.
Install Black Swan Antivirus and experience the future of cybersecurity.