 Evan Hosinski
|
bde1b23753
|
Enhance detection logic to include process-based suspicious connection checks and refine firewall rule attributes in eliminate package. Add PID-to-process name mapping functionality.
|
2025-10-11 19:49:21 -04:00 |
|
|
Evan Hosinski
|
9c54a22bcf
|
Update eliminate connection logic to refine firewall rules and upgrade Scurvy library to latest version
|
2025-10-11 18:06:42 -04:00 |
|
|
Evan Hosinski
|
b855f0eaec
|
Add eliminate package with functions for removing suspicious artifacts (files, directories, processes, services, scheduled tasks) and enhance detection logic to include whitelist checks and multi-indicator scoring
|
2025-10-11 17:22:44 -04:00 |
|
|
Evan Hosinski
|
e835629643
|
Improve AutoRun and service detection with enhanced vendor/token matching, reduced false positives, and isolated changes
|
2025-10-11 15:26:42 -04:00 |
|
|
Evan Hosinski
|
53f527feff
|
Refactor AutoRun detection to use Scurvy library, enhance suspicious entry checks, and update UI rendering for detailed info
|
2025-10-11 15:15:35 -04:00 |
|
|
KrakenTech
|
9d385bb6b0
|
Update htmlTemplate.go
|
2025-10-10 18:03:35 -04:00 |
|
|
Evan Hosinski
|
d28b8b1211
|
Refine AutoRun logging to display key counts, remove redundant entry count log
|
2025-10-10 17:01:14 -04:00 |
|
|
Evan Hosinski
|
7cdee4b62c
|
Enhance directory detection to handle prefix matching and eliminate duplicates
Helps to discover directories with a prefix instead of just by exact match
|
2025-10-10 16:57:12 -04:00 |
|
|
Evan Hosinski
|
f48178f450
|
Add README, .gitignore, and refactor common detection constants
|
2025-10-10 16:20:55 -04:00 |
|
|
Evan Hosinski
|
e2015b3df2
|
Add JSON and HTML writers for reporting Hunter findings
|
2025-10-10 16:06:48 -04:00 |
|
|
Evan Hosinski
|
10b1bb7ed6
|
Implement initial detection and data structures for suspicious artifacts
|
2025-10-10 15:35:17 -04:00 |
|