KrakenTech/RMM-Hunter
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
10b1bb7ed65ada8721d6e63a7b6986258d5fb28c
RMM-Hunter/internal/pkg/hunter/hunter.go
T

56 lines
1.3 KiB
Go
Raw Blame History

package hunter
import (
"rmm-hunter/internal/pkg"
"rmm-hunter/internal/pkg/hunt/detect/autorun"
"rmm-hunter/internal/pkg/hunt/detect/binaries"
"rmm-hunter/internal/pkg/hunt/detect/connections"
"rmm-hunter/internal/pkg/hunt/detect/directory"
"rmm-hunter/internal/pkg/hunt/detect/processes"
"rmm-hunter/internal/pkg/hunt/detect/scheduledTasks"
"rmm-hunter/internal/pkg/hunt/detect/services"
. "rmm-hunter/internal/suspicious"
)
type Hunter struct {
Options pkg.RunOptions
Sus Suspicious
}
func Start(options pkg.RunOptions) {
hunter := Hunter{
Options: options,
}
hunter.run()
}
func (h *Hunter) run() {
// Find suspicious processes
processes := processes.Detect()
h.Sus.Processes = processes
// Find suspicious services
services := services.Detect()
h.Sus.Services = services
// Find suspicious autoruns
autoruns := autorun.Detect()
h.Sus.AutoRuns = autoruns
// Find suspicious outbound connections
connections := connections.DetectOutboundConnections()
h.Sus.OutboundConnections = connections
// Find suspicious scheduled tasks
tasks := scheduledTasks.Detect()
h.Sus.ScheduledTasks = tasks
// Find suspicious binaries
binaries := binaries.Detect()
h.Sus.Binaries = binaries
// Find suspicious directories
directories := directory.Detect()
h.Sus.Directories = directories
}
Reference in New Issue View Git Blame Copy Permalink