KrakenTech/RMM-Hunter
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add JSON and HTML writers for reporting Hunter findings

Browse Source
This commit is contained in:
Evan Hosinski
2025-10-10 16:06:48 -04:00
parent 10b1bb7ed6
commit e2015b3df2
9 changed files with 894 additions and 30 deletions
Download Patch File Download Diff File Expand all files Collapse all files
internal/pkg/hunt/detect/common/functions.go
+1 -9
View File
@@ -22,17 +22,10 @@ func AnalyzeExecutablePath(command string) (bool, string) {
}
}
// Check for suspicious installation paths
suspiciousPaths := []string{
"\\temp\\", "\\tmp\\", "\\appdata\\local\\temp\\",
"\\users\\public\\", "\\programdata\\",
"\\windows\\temp\\", "\\%temp%\\",
}
execPathLower := strings.ToLower(execPath)
// Check for suspicious installation paths
suspiciousPaths = []string{
suspiciousPaths := []string{
"\\temp\\", "\\tmp\\", "\\appdata\\local\\temp\\",
"\\users\\public\\", "\\programdata\\",
"\\windows\\temp\\", "\\%temp%\\",
@@ -50,7 +43,6 @@ func AnalyzeExecutablePath(command string) (bool, string) {
"\\oracle\\",
"\\citrix\\",
"\\vmware\\",
// Add more trusted publishers as needed
}
isTrusted := false