Add eliminate package with functions for removing suspicious artifacts (files, directories, processes, services, scheduled tasks) and enhance detection logic to include whitelist checks and multi-indicator scoring

2025-10-11 17:22:44 -04:00
parent e835629643
commit b855f0eaec
15 changed files with 346 additions and 114 deletions
@@ -0,0 +1,11 @@
+package eliminate
+
+import (
+	. "rmm-hunter/internal/suspicious"
+
+	scurvy "github.com/Kraken-OffSec/Scurvy"
+)
+
+func EliminateScheduledTask(t ScheduledTask) error {
+	return scurvy.DeleteScheduledTask(t.Name)
+}