Cerberus

"The three-headed guardian that protects your system"

---

  

---

English | Español

---

Cerberus is an open-source security monitoring tool for Windows that analyzes processes and executables in real-time, detects suspicious behavior, and helps users keep their systems secure and optimized.

✨ Features

🔴 Process Monitor

• Real-time process monitoring with detailed information
• Suspicious process detection (unusual locations, unsigned, resource anomalies)
• Risk scoring system (0-100) with explained factors
• Process management (kill, mark as trusted/suspicious)
• Whitelist/Blacklist based on SHA256 hash

🔵 Executable Analyzer

• Hash calculation (MD5, SHA1, SHA256)
• Digital signature verification
• PE header analysis (architecture, sections, imports, exports)
• String extraction (URLs, IPs, paths, suspicious patterns)
• VirusTotal API v3 integration
• Persistent analysis history

🟢 Network Monitor

• Active TCP/UDP connections per process
• Real-time bandwidth statistics
• Download/upload graphs
• Connection filtering by protocol and state

🟡 System Diagnosis

• System metrics (CPU, RAM, Disk, Network)
• Startup program management (Registry + Startup folder)
• Scheduled tasks review
• Temporary file cleanup
• Risk assessment for startup items

🟣 Alerts & Notifications

• Native Windows notifications
• In-app notifications (toasts)
• Alert history with filters
• Automatic alerts for CPU/RAM thresholds
• Configurable thresholds and severity

🔍 Executable Analyzer - Supported Files

The Analyzer is designed to inspect Windows Portable Executable (PE) files:

Extension	Type	Full Analysis
.exe	Executables	✅
.dll	Dynamic Libraries	✅
.sys	System Drivers	✅
.ocx	ActiveX Controls	✅
.scr	Screen Savers	✅
.cpl	Control Panel Items	✅
.drv	Device Drivers	✅

Analysis capabilities:

Feature	PE Files	Other Files
Hash calculation (MD5, SHA1, SHA256)	✅	✅
Digital signature verification	✅	❌
PE header analysis (architecture, sections)	✅	❌
Import/Export table inspection	✅	❌
Packer/Obfuscation detection	✅	❌
String extraction (URLs, IPs, paths)	✅	✅
VirusTotal lookup	✅	✅

Note: You can analyze any file for hashes and VirusTotal lookup, but PE-specific features (signature, imports, sections) only work with valid Windows executables.

---

---

🖼️ Screenshots

Dashboard

Main dashboard with real-time system metrics

Process Monitor

Process list with risk analysis and details panel

Executable Analyzer

Complete executable analysis with hashes, PE info, and strings

Network Monitor

Active connections and bandwidth graphs

System Diagnosis

Startup programs with risk assessment

Settings

Application configuration

---

🚀 Quick Start

Prerequisites

• Windows 10/11
• Rust 1.75+ (for building from source)
• Node.js 18+ (for building from source)
• pnpm (recommended) or npm

Download Binaries

Pre-compiled binaries available in Releases.

File	Description
cerberus_x.x.x_x64-setup.exe	NSIS Installer
cerberus_x.x.x_x64.msi	MSI Installer
cerberus.exe	Portable executable

Build from Source

# Clone the repository
git clone https://github.com/SoftDryzz/Cerberus.git
cd Cerberus

# Install dependencies
pnpm install

# Run in development mode
pnpm tauri dev

# Build for production
pnpm tauri build

---

🏗️ Tech Stack

Layer	Technology	Version
Backend	Rust	1.75+
Framework	Tauri	2.x
Frontend	Svelte	5.x
Typing	TypeScript	5.x
Styles	TailwindCSS	3.x
Database	SQLite (sqlx)	0.8+
System Info	sysinfo	0.32+
Hashing	md5, sha1, sha2	Latest
Notifications	notify-rust	4.x

---

📁 Project Structure

cerberus/
├── 📂 docs/                    # Documentation
├── 📂 src-tauri/               # Rust Backend (Tauri)
│   └── src/
│       ├── commands/           # Tauri IPC commands
│       ├── core/               # Business logic
│       │   ├── monitor/        # System monitoring
│       │   ├── security/       # Security analysis
│       │   ├── diagnosis/      # System diagnosis
│       │   └── alerts/         # Alert management
│       ├── models/             # Data structures
│       ├── db/                 # SQLite database
│       └── utils/              # Utilities
├── 📂 src/                     # Svelte Frontend
│   ├── lib/
│   │   ├── components/         # UI components
│   │   ├── stores/             # Global state
│   │   └── api/                # Tauri invoke wrapper
│   └── routes/                 # SvelteKit pages
└── 📂 tests/                   # Tests

---

🗺️ Roadmap

Phase	Status	Description
Phase 0 - Foundation	✅ 100%	Project setup, UI components, database
Phase 1 - MVP Core	✅ 100%	Process monitor, network monitor, dashboard
Phase 2 - Security	✅ 100%	Risk scorer, executable analyzer, VirusTotal
Phase 3 - Diagnosis	✅ 100%	Startup programs, scheduled tasks, alerts
Phase 4 - Polish	✅ 95%	Tests, i18n, system tray, documentation

See ROADMAP.md for details.

---

🧪 Testing

# Run unit tests
cd src-tauri
cargo test -- --test-threads=1

# 119 tests covering:
# - Risk scorer (44 tests)
# - Hash utilities (12 tests)
# - Cache operations (17 tests)
# - Network analyzer (26 tests)
# - Integration tests (13 tests)

---

🤝 Contributing

Contributions are welcome! Please read CONTRIBUTING.md before submitting PRs.

# Fork and clone
git clone https://github.com/YOUR_USER/Cerberus.git

# Create feature branch
git checkout -b feature/my-feature

# Commit changes
git commit -m 'feat: add my feature'

# Push and create PR
git push origin feature/my-feature

Commit Convention

We use Conventional Commits:

• feat: New feature
• fix: Bug fix
• docs: Documentation
• test: Tests
• refactor: Refactoring

---

📄 License

This project is licensed under the MIT License - see LICENSE for details.

---

👤 Author

SoftDryzz

• GitHub: @SoftDryzz
• Project: Cerberus

---

🙏 Acknowledgments

• sysinfo - Cross-platform system information
• Tauri - Desktop application framework
• Svelte - Reactive UI framework
• VirusTotal - Malware scanning API

---

⭐ Star this project if you find it useful!

Made with ❤️ and 🦀

---

  

---