Argus
A high-performance directory checksum monitoring tool built in Rust that recursively scans directories and calculates SHA-256 checksums for file integrity verification.
Status: Active Development
Started: 2024
Primary Language: Rust
Last Updated: 2024
Argus is a lightweight, high-performance file integrity monitoring tool built in Rust. It recursively scans directories, calculates a SHA-256 checksum for each file, and stores the results in NDJSON format for easy processing. It is designed for security professionals and system administrators who need reliable file integrity monitoring with minimal resource overhead. The tool supports both one-time scans and continuous monitoring modes, making it suitable for various security and compliance scenarios.
File integrity monitoring is crucial for cybersecurity, but many existing tools are resource-intensive, slow, or lack the flexibility needed for different environments. System administrators need a lightweight solution that can quickly process large numbers of files while providing reliable change detection. Traditional tools often struggle with performance when scanning large directory structures or consume excessive system resources during operation.
Argus leverages Rust's performance and safety features to provide an efficient file integrity solution. It uses optimized algorithms for directory traversal and checksum calculation, supports parallel processing for improved performance, and outputs results in machine-readable NDJSON format. The tool is designed to be memory-efficient and can handle large directory structures without significant system impact.
- Recursive directory scanning with configurable depth limits
- SHA-256 checksum calculation for all file types
- NDJSON output format for easy integration with other tools
- Parallel processing for improved performance on multi-core systems
- Configurable exclusion patterns for files and directories
- Progress reporting for long-running scans
- Cross-platform support (Linux, macOS, Windows)
- Memory-efficient processing of large directory structures
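The scan-and-compare workflow described above, as an added example in Python; it is not Argus's own code. The page does not give Argus's NDJSON schema, so the record fields `path`, `sha256` and `error`, and all function names, are assumptions made for this sketch.

```python
import fnmatch, hashlib, json, os, tempfile

def sha256_file(path, chunk=1 << 20):
    """Hash in fixed-size chunks so a large file is never held in memory whole."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(chunk), b""):
            h.update(block)
    return h.hexdigest()

def scan(root, exclude=()):
    """Yield one record per regular file under root (symlinks are not followed)."""
    skip = lambda name: any(fnmatch.fnmatch(name, pat) for pat in exclude)
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = sorted(d for d in dirnames if not skip(d))  # prune in place
        for name in sorted(filenames):
            full = os.path.join(dirpath, name)
            if skip(name) or os.path.islink(full):
                continue
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            try:
                yield {"path": rel, "sha256": sha256_file(full)}  # assumed fields
            except OSError as exc:  # unreadable file: record it and keep going
                yield {"path": rel, "error": exc.strerror}

def to_ndjson(records):
    return "".join(json.dumps(r, sort_keys=True) + "\n" for r in records)

def compare(baseline, current):
    """Diff two NDJSON scans into added / removed / modified path lists."""
    def load(text):
        rows = (json.loads(line) for line in text.splitlines() if line.strip())
        return {r["path"]: r.get("sha256") for r in rows}
    old, new = load(baseline), load(current)
    return {"added": sorted(new.keys() - old.keys()),
            "removed": sorted(old.keys() - new.keys()),
            "modified": sorted(p for p in old.keys() & new.keys() if old[p] != new[p])}

def demo():
    """Constructed sample tree: baseline scan, tamper, rescan, compare."""
    with tempfile.TemporaryDirectory() as root:
        def put(rel, data):
            os.makedirs(os.path.dirname(os.path.join(root, rel)), exist_ok=True)
            with open(os.path.join(root, rel), "wb") as f:
                f.write(data)
        for rel, data in {"etc/app.conf": b"abc", "etc/old.conf": b"x", "cache/t.bin": b"1"}.items():
            put(rel, data)
        baseline = to_ndjson(scan(root, exclude=["cache"]))
        put("etc/app.conf", b"abd"); put("bin/new.sh", b"#!/bin/sh\n"); put("cache/t.bin", b"2")
        os.remove(os.path.join(root, "etc/old.conf"))
        return baseline, compare(baseline, to_ndjson(scan(root, exclude=["cache"])))
```

A file that becomes unreadable between scans is reported as modified, because its record loses the `sha256` field. The baseline is only trustworthy if it is stored where the monitored host cannot rewrite it.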
Key challenges included optimizing recursive directory traversal for maximum performance, implementing efficient checksum calculation that doesn't overwhelm system I/O, designing a user-friendly command-line interface while maintaining flexibility, and ensuring the tool remains lightweight while providing comprehensive monitoring capabilities. Memory management and error handling for various file system edge cases also required careful consideration.
- Real-time file system monitoring using inotify/kqueue
- Integration with SIEM systems and security tools
- Support for additional hashing algorithms (SHA-512, BLAKE3)
- Database backend for storing historical scan results
- Web interface for monitoring and alerting
- Email and webhook notifications for detected changes
- Configuration file support for complex scanning scenarios
- Performance optimizations for network-attached storage