Antaryon
An Asynchronous Lightweight Endpoint Telemetry Architecture
Project Overview & Genesis
What is Antaryon? Antaryon is a high-performance, native Windows background execution agent designed using C# and the .NET framework. It serves as a specialized telemetry engine that decouples standard endpoint data processing from user-facing graphical interfaces, streaming critical runtime system configurations to a centralized management console via non-blocking, asynchronous pipelines.
Why I Created It: As a Computer Science & Engineering (CSE) student deeply fascinated by operating system internals and security research, I wanted to understand exactly how low-level Windows APIs interface with high-level network applications. Instead of relying on pre-built third-party administrative utilities, I challenged myself to build a robust endpoint management platform from scratch. This project allowed me to explore multi-threading models, registry-based execution contexts, and cryptographic machine identifier generation in a real-world software architecture scenario.
Technical Implementation Blueprint
1. Machine Identification
Generates a static, hardware-bound identifier to track distinct deployment endpoints across changing network parameters.
Reads the MachineGuid registry value or checks active MAC addresses via NetworkInterface properties to construct a unique fingerprint tag.
2. Persistence Configuration
Ensures that the administrative agent remains functional across system reboots and user session restarts.
Uses the SOFTWARE\Microsoft\Windows\CurrentVersion\Run registry key to register the binary container automatically.
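Writes to this Run key are a standard monitoring point on managed endpoints, so an agent that registers itself here will show up in registry telemetry. The following is an added example, not part of Antaryon or the original page: it triages registry value-set records shaped like Sysmon Event ID 13 (fields EventType, Image, TargetObject, Details). The sample records, the allowlist and the user-writable path policy are constructed assumptions.

```python
import re

# Run key from the section above, as Sysmon Event ID 13 reports it (HKLM\... or HKU\<SID>\...).
RUN_KEY = re.compile(
    r"^(?:HKLM|HKU\\[^\\]+)\\SOFTWARE\\(?:WOW6432Node\\)?Microsoft\\Windows"
    r"\\CurrentVersion\\Run\\(?P<name>[^\\]+)$", re.IGNORECASE)
# Locations a standard user can usually write to (assumed policy; tune per fleet).
USER_WRITABLE = re.compile(r"\\(?:AppData|Temp|Downloads|Users\\Public)\\", re.IGNORECASE)
# Hypothetical allowlist of (value name, executable path), both lower-cased.
ALLOWLIST = {("securityhealth", r"%windir%\system32\securityhealthsystray.exe")}

def target_path(details):
    """Extract the executable path from the registry value data (quoted or unquoted)."""
    data = details.strip()
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.(?:exe|dll|bat|cmd|ps1|vbs))(?:\s|$)", data, re.IGNORECASE)
    return m.group(1) if m else data.split(" ", 1)[0]

def triage(event):
    """Return a finding for a Run-key write, or None if out of scope or allowlisted."""
    m = RUN_KEY.match(event["TargetObject"])
    if event["EventType"] != "SetValue" or not m:
        return None
    name, path = m.group("name"), target_path(event["Details"])
    if (name.lower(), path.lower()) in ALLOWLIST:
        return None
    severity = "high" if USER_WRITABLE.search(path) else "review"
    return {"value": name, "path": path, "writer": event["Image"], "severity": severity}

def findings(events):
    """Triage every record and keep only those that need attention."""
    return [f for f in map(triage, events) if f]

_RUN = r"\SOFTWARE\Microsoft\Windows\CurrentVersion\Run" + "\\"
_EXP = r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run" + "\\"
# Constructed sample records using Sysmon Event ID 13 field names; not real telemetry.
SAMPLE_EVENTS = [
    {"EventType": "SetValue", "Image": r"C:\Users\alice\Downloads\setup.exe",
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001" + _RUN + "TelemetryAgent",
     "Details": r'"C:\Users\alice\AppData\Roaming\Agent\agent.exe" --start'},
    {"EventType": "SetValue", "Image": r"C:\Windows\System32\svchost.exe",
     "TargetObject": "HKLM" + _RUN + "SecurityHealth",
     "Details": r"%windir%\system32\SecurityHealthSystray.exe"},
    {"EventType": "SetValue", "Image": r"C:\Windows\System32\msiexec.exe",
     "TargetObject": "HKLM" + _RUN + "VendorUpdater",
     "Details": r"C:\Program Files\Vendor\updater.exe /background"},
    {"EventType": "SetValue", "Image": r"C:\Windows\explorer.exe",
     "TargetObject": _EXP + "VendorUpdater", "Details": "Binary Data"},
]
```

Calling findings(SAMPLE_EVENTS) returns the per-user entry launching from AppData as "high" and the Program Files entry as "review"; the allowlisted value and the write outside the Run key are dropped.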
3. Telemetry Check-in Loops
Maintains a structured, low-overhead beacon status report to verify asset status and resource usage constraints.
4. Asynchronous Task Routing
Polls back-end database controller queues to dynamically parse commands without locking the main thread execution context.
5. File Processing Utilities
Enables administrative context switching, allowing direct directory tracking and remote diagnostic log verification.
6. Graphical Verification Modules
Interacts directly with the localized GDI subsystem to provide visual environment validation logs during remote support sessions.
Uses GetDesktopWindow and CopyFromScreen, rendering active session contexts into memory buffers.