CUSTOS

Custos is a Rust-based Intrusion Detection System (IDS). The application scans configured directories, hashes each file, and stores the results so that later scans can detect changed files as well as new ones. These new or changed files can then be processed using YARA rules to detect files with malicious signatures.

The purpose of this application is to assist internally with our malware analysis, but it can be used by anyone who needs to monitor files for changes or new files.

This project is currently in very early development and is not yet ready for production use. The source code, however, is available on our GitHub page.
