This project is not production-ready. Breaking changes, bugs, and incomplete features should be expected.
HydraDragon is a local antivirus project currently under active and experimental development.
- It operates locally on the system.
- It is intended for research, learning, and malware analysis experimentation.
This project does not aim to replace your primary daily antivirus solution.
- False positives may occur.
- The system assumes the machine is in a clean state (not post-infection).
- The project prioritizes deeper analysis over speed.
- The goal is long-term detection improvement rather than quick but shallow detection.
- This does NOT mean the project achieves a 99% detection rate — it reflects the development philosophy only.
- This is a highly experimental project.
- Some architectural decisions in earlier versions were not optimal and affected stability.
- The project is actively being improved and refined.
- Use with caution.
-
Very old malware samples may not be detected.
-
Signature retirement reference: https://blog.clamav.net/2025/12/clamav-signature-retirement.html
-
Files that appear as junk or fully unknown data may be ignored intentionally.
-
If a PE header is removed, some detection engines may no longer flag the file.
-
YARA detections may still trigger depending on rule logic (for example, rules that do not verify file type).
Example:
PE header removed sample: https://www.virustotal.com/gui/file/9b7e921e971fe7523ba83a4599b4006ad214854eb043372129e4f5a68c5a427f
Original sample: https://www.virustotal.com/gui/file/1ef6c1a4dfdc39b63bfe650ca81ab89510de6c0d3d7c608ac5be80033e559326
- You must uninstall the software manually (auto-uninstaller is not functional).
- Temporary ClamAV update errors during setup can be safely ignored.
- If driver installation fails, disable Secure Boot and try again.
- It is recommended to wait until the antivirus interface fully loads, even if some protections appear active.
- You might need disable memory integrity: adrianyy/kernelhook#1
- The antivirus can be manually terminated by the user.
- Malware processes cannot terminate it because the driver verifies the origin of termination requests.
- If you close it manually, this does not indicate a security failure.
C:\ProgramData\HydraDragonAntivirus\Quarantine
- Do not quarantine every alert that appears from firewall "new connection" notifications.
- A new connection alert is not the same thing as a full automated malware verdict.
- Firewall and HIPS telemetry are still partially separated, so some alerts are informational, contextual, or require manual review before quarantine.
- Review the process path, parent process, destination, and other telemetry first instead of assuming every network alert is malicious.
At this stage:
-
The application works locally only.
-
Features may be incomplete or unstable.
-
Breaking changes may occur without prior notice.
-
This project is not production-ready and should be used for development and testing purposes only.
-
Dynamic and static analysis with Real Time Malware Analysis Platform for Windows, including open-source XDR (3 EDR projects), ClamAV, YARA-X, machine learning AI, behavioral analysis, Unpacker, Deobfuscator, Decompiler, website signatures, Ghidra, Suricata, Sigma, Kernel, Hypervisior based protection and much more than you can imagine.
This project is licensed under the GNU General Public License v2.0 (GPLv2).
See the LICENSE file for more information.
-
Newest database:
-
PE Benign Database (202k+): Download Link -JS Benign Database (53k+)Download Link
-
JS Malware Database (39k+): Download Link
-
PE Malware Database remains same.
-
Old database (with false negative and false positives):
-
PE Malware Database (53k+): Download Link
-
PE Benign Database (204k+): Download Link
-
JS Benign Database (53k+): Download Link
-
JS Malware Database (39k+): Download Link
-
Note: The collection only contains PE files smaller than 10MB. Due to my USB stick being broken and no longer recoverable, approximately 6,000 benign samples were lost forever. Some of these samples were even not available on VirusTotal.
-
Password: infected
- Install malicious (datamaliciousorder) and benign (data2) database, then install requirements.txt from train.py and just run train.py with the same folder as datamaliciousorder and data2.
- Then delete results.pkl and rename ml_definitions.pkl to results.pkl to consolidate the pickled data.
- This very complex task. I need create wiki for that. Please contact me.
- I now using 12.0.4: https://ghidra-sre.org/
- Setup file on release HydraDragonAntivirus.exe
- Ghidra: %ProgramFiles%\aHydraDragonAntivirus\hydradragon\ghidra
- Ghidra scripts: %ProgramFiles%\aHydraDragonAntivirus\hydradragon\scripts
- https://github.com/Yamato-Security/hayabusa/releases/tag/v3.8.1 (hayabusa-3.8.1-win-x64.zip)
- Vulnerable Drivers & Post-Infection Risk: This project utilizes drivers like
WinDivert,PYAS_Protection, andOwlyshieldRansomFilter. These drivers are currently unsigned or vulnerable, which prevents the use of ELAM (Early Launch Anti-Malware) as a bootstrap security solution (Even if Sanctum exists it's not signed). - The "Fatal Design" Assumption: By default, this project assumes your system is clean at the time of installation. It is NOT designed to clean or repair an already infected system.
- Zero Responsibility: If you install this on a system that is already compromised, resident malware may exploit these drivers or the centralized dependency structure (Python/Node.js) to escalate or persist. The developer is not responsible for any damage in a post-infection scenario.
In a post-infection state, the malware already has First Mover Advantage. Because this project uses unsigned drivers and hardcoded paths (specifically in PYAS_Protection and OwlyshieldRansomFilter), an attacker can perform the following:
- Directory Squatting: Malware pre-creates
C:\Program Files\HydraDragonAntivirusbefore you run the installer. It sets restrictive ACLs or drops "Poisoned" configuration files. When the driver starts, it blindly loads these malicious rules from the hardcoded path. - Dependency Hijacking: Since Python and Node.js are installed into the AV's subdirectory, malware can drop a malicious
python312.dllornode.exeinto those folders. The AV will then unknowingly execute malicious code with Administrative privileges during its normal operation. - Vulnerable Driver Abuse (BYOVD): Attackers can "Bring Their Own Vulnerable Driver" (or abuse the ones included here) to bypass Windows Kernel protections. Without ELAM and Digital Signatures, the AV cannot verify its own identity or the integrity of its environment during the boot process.
To mitigate "Post-Infection" triggers, the driver should be registered such that it refuses to start unless the process initiating the load is a verified PPL (Protected Process Light). Since standard malware (even with Administrative privileges) cannot easily spoof or inject into a PPL process, this ensures that only the legitimate, hardened HydraDragon service can activate the driver's protection routines.
- To prevent connection speed loss, make sure "late_blocking_mode" is set to true in C:\Program Files\HydraDragonAntivirus\HydraDragonFirewall\settings.json. This may cause malware to be detected slightly later.
- For debugging, remember to set HKEY_LOCAL_MACHINE\SOFTWARE\Owlyshield\VERBOSE_LOGGING to 1.
- Some kernel-level paths are hardcoded for extra protection, so do not modify them.
- Accept the certificate trust dialog that Windows shows while the firewall is running.
- Any logs will be removed when you restart the programme. So be careful!
- You have to restart the program after the analysis.
- Please don't share your IP in the logs.
- Make sure that the ClamAV database is installed without problems.
- We strongly recommend that you take a snapshot and then go back when you have finished your work.
- Make your username random (for example and for avoid anti analysis).
- The installer also includes daily.cvd, main.cvd, bytecode.cvd due to download issues with the ClamAV database.
- You can't install ClamAV signatures from Russian IP Cisco-Talos/clamav#500
- Here is the server link: https://discord.gg/7XMCuj5mbP
- Create too many files to detect ransomware.
Note 1:.
- Allow Java on the Windows firewall, as it'll decompile the PE file.
Note 2:
- If you find an issue, please create an issue. Antivirus software might be triggered by website signatures because they are not obfuscated, so exclude the
%ProgramFiles%\aHydraDragonAntivirus\hydradragonfolder. Due to risks please only use in a VM.
Note 3:
-
https://github.com/icsharpcode/ILSpy/tree/master/ICSharpCode.ILSpyCmd
-
https://github.com/GDATAAdvancedAnalytics/de4dotEx/releases/tag/3.4.0
-
https://www.rathlev-home.de/index-e.html?tools/prog-e.html#unpack
-
https://github.com/glmcdona/Process-Dump/releases/tag/v2.1.1
-
https://github.com/HydraDragonAntivirus/HydraDragonPythonReverser
-
I used these projects to decompile (with a current custom database of Detect-It-Easy).
-
I used these projects for AI.
-
I used these projects for EDR (Notice newest forks added to main repo instead of other repo).
-
I used this project for MBR Protection.
-
I used these projects to protect the antivirus.
-
I used these projects to optimize the antivirus.
-
I used these projects to HyperVisor
Note 4:.
- You will need an internet connection to install. It's not an offline installer.
- Installer note: when setup disables Hyper-V/VBS or asks for a reboot, that is only for this repo's Windows driver and testing compatibility.
- It is not the same thing as the separate hypervisor material mentioned in the wiki or other folders.
Note 5:
- Don't forget to do a clean up, as it takes up too much space while processing files against ransomware, etc.
- You need too much storage because it logs everything.
Note 6:
- I have collected every malicious IP, domain from the Internet. So there must be big false positives, but I handle them.
Note 7:
- Inno Setup version 6.7.1
Tip 1:
- Don't use suspicious VM names on your machine. (John Doe, etc.)
Tip 2:
- Use VSCode, VSCodium, or another editor to see live changes to .log files.
Tip 3:
- Close the Windows Firewall on the VM to avoid any firewall blocking. We are testing this program not Windows Firewall.
Q: Why is this repository still mostly YARA?
-
This is mainly because auto-generated YARA rules produced through machine learning have not been archived. As a result, the repository still contains a large number of manually created rules.
-
Additionally, the archived rules remain substantial in size because, for many years, malware analysts heavily relied on signature-based detection methods. While effective in certain scenarios, this approach is now considered less optimal compared to more modern techniques.
-
As you may notice, with the introduction of OpenEDR, the proportion of YARA has decreased significantly, and C++ has become the second most prominent language in the repository.
Q: Does this collect data?
- No. We can allow GridinSoft and many other companies to collect data. Unlike other companies, they freely allow the use of their cloud, but I'm not allowing that.
Q: How do I use it?
- Just run the shortcut from the desktop, then run advanced dynamic and static analysis on a file.
Q: How good is it?
- It's very good at every type of analysis and it balances everything with allowing you configure more aggressive or less aggressive.
Q: Why does my antivirus detect this as malware?
- It's a false positive. It's contains the website, HIPS signatures without obfuscation. It's a fully open source executable analysis product.
Q: Why is it 2GB+?
- Because of website signatures, Ghidra, ClamAV and Java Development Kit. Website signatures are not very effective but they can detect old and new viruses. I can remove them if you want. Ghidra is for decompiling but takes too much space. Java Development Kit is for Ghidra. That's 1GB+ Note that it's a completely local (except update database) and professional open source antivirus.
Q: Why does the antivirus.exe application take too long to run?
- Sometimes you may have to wait 5+ minutes (or less) the first time you run the programme as a lot of things load.
Q: Which Windows versions are supported?
- Windows 10 no longer offically supported. Switch to Windows 11 25H2.
Q: What are the minimum RAM and disk space requirements?
- A minimum of 8 GB of RAM is required: 3 GB is used by ClamAV, and the remaining 5 GB is used by other engines.
Q: Any sponsors or supporters?
- Yes, there are supporters for this project. Xcitium (Comodo) has expressed interest in supporting this project by providing malware samples, and Cisco Talos ClamAV community projects. But it's still a one man project.
Q: Are you using leaked YARA rules?
- No we don't but if you have proof please create issue we can remove it.
Q: Why don't you use NictaSoft, GridinSoft and Bitdefender cloud?
- It could significantly boost my antivirus. However, there are some problems. These services are not open source unless you pay. We're not only focused on detection, but also committed to maintaining open-source principles.
Q: Other related things?
- I used yarGen to create machinelearning_*.yar.
Q: Why you make this open source? Isn't security by obscurity better?
- If I don't make this project open source then I can't use other open source tools and it will make him shit like other too new and unknown closed source AVs. If you able to protect your source like Kaspersky (only leaked once from 2008 version, other leaks are fake also latest version has anti tamper protection from kernel so it's protects his source well.) but not like others Bitdefender (API + signatures solveable) Norton (Leaked his source once) Malwarebytes (leaked his source four times) Zemana (Cloud solveable and C# but currently his cloud is down) Windows Defender (DefenderYARA converted rules to YARA) and many other bad examples... in short if you able to protect your source code then why not to make closed source right? For extra security you can do that.
So I'm not againist closed source if you able to protect source code without false alarms from other AVs. But since I want to make better with open source tools and want open source community support I made them open source. That's of course have huge disadvantages and advantages. But I can't spend my time to create everything from scratch and protect my source code well withotu false alarms, it will take forever.
Q: How many repositories did you look at for this project?
- For YARA and website signatures, I looked at many projects-possibly more than 1,000.
Q: Why doesn't the program open?
- Your installation might be broken. You can check the logs to determine the issue, because if the connection was lost during installation, it can affect the installation significantly. Try reinstalling to fix the problem.
- All credits goes to Emirhan Uçan (yes it's one man project)
- Thanks to Hacı Murad for collecting and compiling some machine learning signatures.
This document describes all the output directories used by the executalbe analysis tool for various extraction, decompilation, and unpacking operations.
This document describes the output directories used by the HydraDragon analysis tool and what each directory contains. Keep this README next to the analysis output so analysts can quickly find decompiled/ extracted artifacts.
- Each extractor/decompiler writes into a dedicated directory under the analysis root.
- Tools create numbered subfolders (
1/,2/, ...) to avoid overwrites when the same packer/result is processed multiple times. - Filenames and subfolders are preserved where possible to make tracing back to the original artifact easier.
- Directories are created automatically by the extraction/decompilation modules.
- Packer/Obfuscator extraction:
hydra_dragon_dumper_extracted/,upx_extracted/,themida_unpacked/,vmprotect_unpacked/,debloat/ - .NET analysis:
dotnet/,obfuscar/,de4dot_extracted/,net_reactor_extracted/,un_confuser_ex_extracted/ - Android/APK:
jadx_decompiled/,androguard/ - Python:
pyinstaller_extracted/,pyarmor8_and_9_extracted/,pyarmor7_extracted/,nuitka/,nuitka_extracted/,nuitka_source_code/,cx_freeze_extracted/,pylingual_extracted/,python_deobfuscated/,python_deobfuscated_marshal_pyc/,pycdas_extracted/,python_source_code/ - JavaScript / Node / Electron:
webcrack_javascript_deobfuscated/,asar/,npm_pkg_extracted/,decompiled_jsc/ - Java:
jar_extracted/,FernFlower_decompiled/ - Installer / archive:
inno_setup_unpacked/,advanced_installer_extracted/,installshield_extracted/,zip_extracted/,seven_zip_extracted/,tar_extracted/,general_extracted_with_7z/,pe_extracted/ - Script decompilers:
autohotkey_decompiled/,autoit_extracted/ - Go / Ungarbler outputs:
ungarbler/,ungarbler_string/ - Misc / analysis artifacts:
decompiled/,ole2/,memory/,resource_extractor/,html_extracted/
(Each line shows directory name and the purpose of files found there.)
hydra_dragon_dumper_extracted/— Hydra Dragon Dumper (Mega Dumper Fork) output extracted.enigma1_extracted/— Enigma Virtual Box extracted files.decompiled/— General decompiled files from miscellaneous tools.upx_extracted/— UPX (Ultimate Packer for eXecutables) extracted files.webcrack_javascript_deobfuscated/— JavaScript files deobfuscated with webcrack.inno_setup_unpacked/— Inno Setup unpacked installer files.autohotkey_decompiled/— AutoHotkey script decompiled outputs.themida_unpacked/— Themida unpacked outputs.nuitka/— Nuitka onefile extracted directory.ole2/— OLE2 extracted resources and compound file structures.dotnet/— .NET decompiled sources.jadx_decompiled/— APK decompiled with JADX (Java sources).androguard/— APK decompiled output from androguard (smali/java).asar/— ASAR (Electron) archive extracted contents.npm_pkg_extracted/— NPM package extraction (JavaScript bundles).decompiled_jsc/— V8 / JSC bytecode objects and decompiled artifacts.obfuscar/— .NET assemblies obfuscated with Obfuscar.de4dot_extracted/— .NET files deobfuscated using de4dot.net_reactor_extracted/— .NET Reactor Slayer outputs.un_confuser_ex_extracted/— UnConfuserEx deobfuscation outputs.pyinstaller_extracted/— PyInstaller onefile extraction results.pyarmor8_and_9_extracted/— PyArmor 8/9 unpacked outputs.pyarmor7_extracted/— PyArmor 7-specific unpacking outputs.cx_freeze_extracted/— cx_Freezelibrary.zipcontents extracted.pe_extracted/— PE file internals and extracted sections/resources.zip_extracted/— ZIP archive contents.seven_zip_extracted/— 7-Zip archive contents.general_extracted_with_7z/— General extraction area for 7-Zip operations.nuitka_extracted/— Nuitka binary outputs and support files.advanced_installer_extracted/— Advanced Installer extraction outputs.tar_extracted/— TAR archive contents.memory/— Dynamic analysis memory dump files (.dmp / raw memory dumps).resource_extractor/— RCData and embedded resources extracted by resource extractor.ungarbler/— Deobfuscated Go (garble) binaries and output.ungarbler_string/— Deobfuscated strings from Go Garble outputs.debloat/— Debloated files directory (trimmed installers/binaries).jar_extracted/— Extracted contents of JAR files.FernFlower_decompiled/— JARs decompiled with FernFlower.pylingual_extracted/— pylingual-reversed Python sources (.pyc -> .py).vmprotect_unpacked/— VMProtect unpacked directories.python_deobfuscated/— Deobfuscated Python sources.python_deobfuscated_marshal_pyc/— Deobfuscated .pyc from marshal blobs.pycdas_extracted/— pycdas / Decompyle++ extracted Python sources. ( 21-Oct-2025)python_source_code/— Extracted and organized Python project sources.nuitka_source_code/— Nuitka reversed-engineered source tree.html_extracted/— HTML and web page resources captured during analysis.installshield_extracted/— InstallShield unpack outputs.autoit_extracted/— AutoIt script extraction results.
- Inspect each extraction directory after the run to locate configuration blobs, embedded resources, strings, and suspicious binaries.
- If you need to regenerate extracted outputs, run the relevant extractor again; numbered subfolders prevent accidental overwrites.
- If a directory is empty, check the corresponding extraction log for errors. Tools may fail silently if binaries are corrupted.
- If references look malformed (e.g.
Unknown.0,Unknown), run the providedreference_fix_and_rebuild.pyto normalize and rebuild references. - If the loader is slow, enable shard caching or batch queries (see loader docs) rather than re-loading every shard for each lookup.
For changes to this README or to add new extractor directories, update this file and check it into your repo so everyone can see the mapping.