Malware Minimizer is open-source, cross-platform software designed to scan devices for malware and provide actionable steps to address detected threats. The primary goal is to deliver a lightweight, user-friendly solution that works directly from the command line without requiring extensive setup or additional dependencies for end users.
- Fast Scan:
  - Quickly scans files and compares their hashes against a malware database.
  - Includes basic malware removal and quarantine functionality.
- Deep Scan Lane:
  - Exposes a --deep CLI mode while heuristic analysis continues to mature.
  - Preserves the fast-scan contract and surfaces fallback behavior clearly to users.
- Cross-Platform CLI:
  - Designed for use on macOS, Linux, and Windows.
  - Simple and intuitive command-line interface.
- Automated Malware Database Updates:
  - Ensures access to the latest malware signatures for accurate detection.
- Open Source:
  - Fully hosted on GitHub with detailed documentation and community-driven development.
Verified from the repository, GitHub metadata, and workflow configuration on April 7, 2026.
- 321 commits, 139 pull requests, and 110 issues: active, review-driven development rather than a one-off demo repository.
- 47 labels organized into 7 phases, 18 component areas, 3 priority tiers, 3 difficulty levels, and 2 milestone tracks so contributors can find scoped work quickly.
- A documented contributor system: AGENTS.md, docs/contributing-guidelines.md, docs/development-guide.md, docs/architecture-documentation.md, tests/README.md, and a workflow quickstart in docs/agent-workflow-quickstart.md.
- Structured onboarding for new contributors: a one-week Rust ramp, a guided mini-project, and autograder-style CLI tests in tests/onboarding_hash_cli.rs, backed by docs/onboarding_assignment.txt and docs/onboarding-example-prs.md.
- Cross-platform CI on Linux, macOS, and Windows across x86_64 and ARM64 with pinned GitHub Action SHAs, cargo audit, cargo deny, cargo supply-chain, SBOM generation, concurrency cancellation, tiered caching, and deterministic RUSTFLAGS.
- A crates.io-only dependency policy in deny.toml, with unknown-registry = "deny" and unknown-git = "deny".
- Automated signature publishing: a weekly workflow generates 150 signatures, prepares checksummed update artifacts, and publishes them to GitHub Pages and GitHub Releases.
- Defense-in-depth implementation details already present in the codebase: checksum-verified updates, atomic database writes, quarantine path validation, restrictive permissions, and rollback logic for failure paths.
- Executable quality gates via scripts/validate_strict.sh, which runs formatting, clippy, the main test suite, ignored tests, and doctests. On the checked-out main branch inspected on April 7, 2026, that strict validation path passed.
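The verify-then-swap pattern behind the "checksum-verified updates, atomic database writes, restrictive permissions, and rollback logic" item above could look like this in Rust. This is an added example, not code from the MalwareMinimizer repository: atomic_update, write_private, the verify callback (a stand-in for the checksum comparison) and the sample file names are assumptions.

```rust
use std::fs::{self, OpenOptions};
use std::io::{self, Write};
use std::path::Path;

/// Replace `db` with `new_bytes` so readers see either the old file or the
/// complete new one. `verify` stands in for the checksum comparison (this
/// example does not implement a hash) and runs before anything is written.
pub fn atomic_update(db: &Path, new_bytes: &[u8], verify: impl Fn(&[u8]) -> bool) -> io::Result<()> {
    if !verify(new_bytes) {
        return Err(io::Error::new(io::ErrorKind::InvalidData, "update failed verification"));
    }
    // The temp file sits beside the target so rename() stays on one filesystem.
    let tmp = db.with_extension("tmp");
    let result = write_private(&tmp, new_bytes).and_then(|_| fs::rename(&tmp, db));
    if result.is_err() {
        // Rollback: drop the temp file; the existing database was never touched.
        let _ = fs::remove_file(&tmp);
    }
    result
}

fn write_private(path: &Path, bytes: &[u8]) -> io::Result<()> {
    let mut opts = OpenOptions::new();
    opts.write(true).create_new(true); // never reuse or follow an existing file
    #[cfg(unix)]
    {
        use std::os::unix::fs::OpenOptionsExt;
        opts.mode(0o600); // owner read/write only
    }
    let mut f = opts.open(path)?;
    f.write_all(bytes)?;
    f.sync_all() // flush to disk before the rename makes the file visible
}

fn main() -> io::Result<()> {
    // Constructed sample data: a toy one-line database in the temp directory.
    let db = std::env::temp_dir().join("mm_example_signatures.db");
    fs::write(&db, b"old-signature\n")?;
    let rejected = atomic_update(&db, b"tampered\n", |_| false);
    println!("rejected update: {:?}, db still = {:?}", rejected.is_err(), fs::read_to_string(&db)?);
    atomic_update(&db, b"new-signature\n", |b| b.ends_with(b"\n"))?;
    println!("after good update: {:?}", fs::read_to_string(&db)?);
    fs::remove_file(&db)
}
```

A failed verification or a failed rename leaves the previous database in place, so a scan started during an update never reads a half-written signature file.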
The supported setup path today is a source build.
The packaged install flow described in
docs/Comprehensive_Plan_2026.txt is still
on the roadmap; scripts/install.sh and scripts/install.ps1 are not present
in this checkout yet.
- macOS/Linux:
    git clone https://github.com/Jordan231111/MalwareMinimizer.git
    cd MalwareMinimizer
    ./scripts/setup.sh
    cargo build
- Windows:
  Follow the manual setup steps in the Development Guide.
- Fast Scan:
    cargo run -- scan --path /path/to/scan
- Deep Scan:
    cargo run -- scan --path /path/to/scan --deep
- Update the signature database:
    cargo run -- update-db
- Print OS-specific scheduling instructions:
    cargo run -- schedule-updates --hours 12
- Quarantine Detected Malware:
    cargo run -- quarantine-file --path /path/to/file --name "EICAR Test File"
- List quarantined files:
    cargo run -- list-quarantined
- Restore a quarantined file:
    cargo run -- restore --id <entry_id>
- Remove a quarantined file:
    cargo run -- remove --id <entry_id> --force
- Hash a file or directory:
    cargo run -- hash --path /path/to/file --json
remove-file and ID-based quarantine remain exposed in the CLI surface, but
the current release-ready path is quarantine-file -> list-quarantined ->
restore / remove.
See the Development Guide for full setup steps.
Quick summary:
- Rust (stable toolchain)
- Python 3.11 (for helper scripts/tests)
- Optional OpenSSL dependencies if native TLS is used
- Run ./scripts/setup.sh on macOS/Linux for a guided setup
- Scanning happens locally on your machine.
- Database updates are pulled from trusted sources; verify checksums when provided.
- Do not use real malware samples in tests—use the EICAR test string.
- Q: My Python interpreter is 3.13.x. How do I switch to 3.11?
A: In VS Code, click the Python version in the bottom-right status bar and select 3.11 from the interpreter list.
We welcome contributions! If you'd like to contribute:
- Fork the repository.
- Create a new branch for your feature/bugfix.
- Submit a pull request with detailed descriptions of your changes.
- See Contributing Guidelines for details.
Please submit feedback, suggestions, or bug reports via:
- GitHub Issues: Create an Issue
- Discord: Join our Project Discord.
This project is licensed under the GNU GPL v3.0 or later. See LICENSE.