SShortSingh.
Back to feed

Developer Builds Lightweight Open-Source Anti-Stealer Tool for Windows in Python

0
·1 views

A developer frustrated with resource-heavy commercial security tools has created a standalone behavioral anti-stealer application aimed at blocking modern infostealers such as Lumma and RedLine. The tool is written in pure Python and compiles to a roughly 9MB executable, consuming only 0–2% CPU during testing, with no cloud telemetry or signature databases. It operates by scanning active network connections every five seconds, using process lineage validation, SHA-256 integrity checks, and file descriptor auditing to detect suspicious access to browser and messaging app data. The project is released under the GNU GPL v3 license and is publicly available on GitHub for community review. The developer is seeking feedback on whether the five-second detection interval is sufficient against fast-executing infostealers and on potential false-positive risks in Windows process tracking.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

LLM Diagnosed Hidden .NET ArrayPool Lock Causing 20% CPU Spike in Minutes

A market-data gateway service experienced an unexplained 20% CPU increase after a broadcast fan-out feature was added, with no obvious synchronization code in the codebase. Using a diagnostics tool called dotnet-diagnostics-mcp, an LLM-assisted investigation traced 15.8% of all CPU samples to Monitor.Enter_Slowpath, a hidden lock contention path. The culprit turned out to be ArrayPool.Shared, a standard .NET buffer-pooling mechanism that uses internal locking under high concurrent access. The refactor that introduced the issue had been reviewed and merged precisely because it replaced custom code with a well-regarded, optimized library, making it invisible to static analysis tools. The case highlights how AI-assisted runtime diagnostics can surface performance regressions that conventional code review and static analysis are structurally unable to detect.

0
ProgrammingDEV Community ·

MEV Bots Can Drain Wallets Fast: The Real Risks Behind Crypto Arbitrage

Maximal Extractable Value (MEV) bots are automated programs that scan blockchain transaction queues to exploit price differences on decentralized exchanges, but they carry significant financial risks often overlooked by newcomers. When a bot pays high priority fees to jump the transaction queue, it loses that fee even if a faster competitor executes the trade milliseconds earlier. Developers also face threats from deliberately poisoned smart contracts, known as Salmonella attacks, designed to trap and drain bots that interact with them. Competing successfully in MEV requires custom hardware, private network infrastructure, and advanced algorithms — tools typically available only to elite trading firms. Without these resources, amateur operators frequently lose their entire invested capital within days of launching a bot.

0
ProgrammingDEV Community ·

Open-Source AI Is Not Free: The Real Costs of Running Agentic Systems

Developers commonly assume open-source AI frameworks like LLaMA 3 carry no financial burden, but a detailed cost analysis reveals significant operational expenses. Deploying such models at scale can require GPU clusters costing around $12,000 per month, plus storage and networking overhead. Fine-tuning larger models, such as LLaMA 3-70B on 100GB of data, can exceed $350,000 and take up to eight weeks. Ongoing maintenance of multi-agent systems demands 15–20 hours of monitoring per week and hundreds of hours annually for framework updates. Analysts suggest open-source AI remains cost-effective only for smaller-scale or short-term projects, while hybrid cloud approaches can cut total ownership costs by 30–45% for production-scale deployments.

0
ProgrammingDEV Community ·

cursor-plugin-cc v0.4.0 Adds Adversarial Review Command to Challenge Design Decisions

Developer tools plugin cursor-plugin-cc released version 0.4.0 this week, introducing a new command called /cursor:adversarial-review designed to question design choices rather than just hunt for code-level bugs. The plugin integrates Claude and Cursor's Composer, letting Claude plan and review while Composer writes code, all within a single terminal interface. Unlike standard code review, the adversarial command pressure-tests assumptions, trade-offs, and failure modes, and can be steered toward specific concerns by appending a plain-text focus prompt. The command is intentionally user-invoked only and is read-only by construction, with a post-run check that fails the job if the working tree was modified, preventing it from quietly making edits. A small usability improvement was also added, where the tool now auto-detects diff size and recommends whether to run the review inline or in the background.

Developer Builds Lightweight Open-Source Anti-Stealer Tool for Windows in Python · ShortSingh