Hawk Eye Analysis Tool (Formerly Orion Malware Cleaner)- by Trident [Deleted]

[Trident]

High commendations on a fine creation. Definitely is surpassed expectations to date and then some.

Very Imaginative sequence for an analysis tool which covers the bases (or should one say vectors)

That’s thinking outside of the box

 

[cartaphilus]

Nice name change just stay away from snow plows.

 

[Trident]

Establishing brand identity done

 

[Trident]

Trident updated Hawk Eye Analysis Tool (Formerly Orion Malware Cleaner)- by Trident with a new update entry:

New Update

This new update brings the following enhancements:

+Performance improvements, especially in static analysis
+Heuristics improvements
+ The rebranding from Orion to Helios is now complete. All detection prefixes have been updated accordingly.
The naming convention remains <engineName>:<threatCategory>!specificInfo
View attachment 292485

View attachment 292486

Read the rest of this update entry...

 

[Trident]

HEAT Microsite (in development)

HEAT Scanner | Deep Malware Detection

Advanced malware detection. Memory scanning, fileless malware, rootkits, persistence hunting. Powered by Helios Engine. Free.

win.hea-p.com

 

[RoxasDev]

Wow! Nice work, Trident! I hope you’ll keep improving it even more! I’ll have to test it in a VM sometime with a few of my own custom payloads!

 

[Trident]

Wow! Nice work, Trident! I hope you’ll keep improving it even more! I’ll have to test it in a VM sometime with a few of my own custom payloads!

Thanks for your interest!

I will definitely keep improving it, for the next version I am preparing a few more heuristics, mainly for anti-botnet detection. One of them will flag Microsoft processes with code not mapped to files, when they connect to non-Microsoft domains or OneDrive which is abused Microsoft domain. Coupled with the persistence cleanup, a restart should resolve the issue.

The detection issued will be Helios:Botnet_PossibleInjector!MediumConfidence

I’ve been experimenting with this implementation for a while.

 

[Trident]

The refactoring to a standalone app has began.

Main UI:

 

[Trident]

The stars are moving very fast on scan

 

[Trident]

HEAT Update Experience

 

[stonjean633]

The refactoring to a standalone app has began.

Main UI:
View attachment 292712

When is the App ready?

 

[Trident]

When is the App ready?

I wired the UI today, over the next 2-3 weeks I will port all scan logics plus some new which I can run on .net, like better memory forensics. You won't have to wait long.

 

[stonjean633]

I wired the UI today, over the next 2-3 weeks I will port all scan logics plus some new which I can run on .net, like better memory forensics. You won't have to wait long.

Nice. Good things are worth the wait. Thanks for sharing to this community.

 

[Trident]

Nice. Good things are worth the wait. Thanks for sharing to this community.

The program version in addition to the heuristics, botnet intelligence and DynaTune which were in the script, will also use local database of malicious hashes, malware-related certificates, proprietary PUA database (still not wired) and Yara Rules (still not wired either).

So far HEAT doesn’t upload any data to APIs and has no telemetry.

 

[Trident]

one more theme under settings: Material Relax, the other one is called Security Centre at Midnight. Why? because I was mostly working on these projects around and past midnight.
The material relax will have nature-inspired backgrounds.

 

[simmerskool]

mostly working on these projects around and past midnight

that's when I do my best work too (when I work)

 

[Trident]

The reason I was avoiding executables is because I knew I will get obsessed with performance.

These are 2 versions of the UI with <some optimisations>.


This is the UI, including the launch speed after another series of heavy optimisations.

 

[Trident]

HEAT Privacy Policy

HEAP Trust Centre | Our Privacy Promise

We don't collect your data. Here's our simple, plain-English promise for all our security tools.

hea-p.com

 

[Trident]

 

[Trident]