Evan Hosinski
c9e2e8dff8
Refactor suspicious artifact data structures, enhance eliminated state tracking, and update UI rendering for eliminated items. Add JSON marshal/unmarshal support for Binary and Directory types.
v1.2.0
2025-10-11 21:01:07 -04:00
Evan Hosinski
bde1b23753
Enhance detection logic to include process-based suspicious connection checks and refine firewall rule attributes in eliminate package. Add PID-to-process name mapping functionality.
2025-10-11 19:49:21 -04:00
Evan Hosinski
a5d3623a72
Upgrade Scurvy library and add forced elevation logic with improved usage examples
2025-10-11 19:23:44 -04:00
Evan Hosinski
d14b2837d0
Update eliminate connection logic to refine firewall rules and upgrade Scurvy library to latest version
2025-10-11 18:42:58 -04:00
Evan Hosinski
9c54a22bcf
Update eliminate connection logic to refine firewall rules and upgrade Scurvy library to latest version
2025-10-11 18:06:42 -04:00
Evan Hosinski
b855f0eaec
Add eliminate package with functions for removing suspicious artifacts (files, directories, processes, services, scheduled tasks) and enhance detection logic to include whitelist checks and multi-indicator scoring
2025-10-11 17:22:44 -04:00
Evan Hosinski
e835629643
Improve AutoRun and service detection with enhanced vendor/token matching, reduced false positives, and isolated changes
2025-10-11 15:26:42 -04:00
Evan Hosinski
53f527feff
Refactor AutoRun detection to use Scurvy library, enhance suspicious entry checks, and update UI rendering for detailed info
2025-10-11 15:15:35 -04:00
Evan Hosinski
02ed2ce046
Initialize web package with placeholder file
2025-10-10 23:00:13 -04:00
Evan Hosinski
ec307bc91f
Add web and CLI UI options for eliminate command with mutual exclusivity and required flag checks
Introduce `--web` and `--cli` flags to select alternative interfaces for the elimination flow. Add validation to enforce mutual exclusivity and ensure one option is specified. Include placeholder logic for web UI implementation.
2025-10-10 22:59:46 -04:00
Evan Hosinski
192ce28d89
Add warning modal support and checks for blocked binaries and directories
Introduce `WarnBlock` to handle non-fatal warnings displayed in a warning modal. Add pre-elimination checks to identify blocked binaries and directories based on running processes or enabled services. Enhance path normalization for robust comparisons.
2025-10-10 22:53:20 -04:00
Evan Hosinski
2b6c4eb4cd
Implement TUI for managing suspicious artifacts (FilePicker, TypePicker, ListView, and DetailView)
Introduce Bubble Tea-based terminal UI to manage suspicious artifact findings, including file selection, type filtering, list view, and details.
2025-10-10 22:43:47 -04:00
KrakenTech
9d385bb6b0
Update htmlTemplate.go
2025-10-10 18:03:35 -04:00
Evan Hosinski
d28b8b1211
Refine AutoRun logging to display key counts, remove redundant entry count log
2025-10-10 17:01:14 -04:00
Evan Hosinski
7cdee4b62c
Enhance directory detection to handle prefix matching and eliminate duplicates
Helps to discover directories with a prefix instead of just by exact match
v1.0.1
2025-10-10 16:57:12 -04:00
Evan Hosinski
9512022a73
Standardize and fix README code block formatting for improved readability
2025-10-10 16:48:43 -04:00
Evan Hosinski
967b0c1de1
Fix README formatting for consistent code block styling and improve clarity in usage examples
2025-10-10 16:47:27 -04:00
Evan Hosinski
23c1a7d8a7
Add MIT License and update README with attribution guidelines and license details
v1.0.0
2025-10-10 16:23:31 -04:00
Evan Hosinski
f48178f450
Add README, .gitignore, and refactor common detection constants
2025-10-10 16:20:55 -04:00
Evan Hosinski
e2015b3df2
Add JSON and HTML writers for reporting Hunter findings
2025-10-10 16:06:48 -04:00
Evan Hosinski
10b1bb7ed6
Implement initial detection and data structures for suspicious artifacts
2025-10-10 15:35:17 -04:00