Add output file option to CLI

Adir Shitrit
2025-11-08 12:29:21 +02:00
parent 444cf191e4
commit 3ae9cbc907


@@ -35,11 +35,19 @@ fn main() -> Result<()> {
.value_name("PID") .value_name("PID")
.help("Target specific process ID") .help("Target specific process ID")
) )
.arg(
Arg::new("output")
.short('o')
.long("output")
.value_name("FILE")
.help("Write results to file instead of stdout")
)
.get_matches(); .get_matches();
let format = matches.get_one::<String>("format").unwrap(); let format = matches.get_one::<String>("format").unwrap();
let verbose = matches.get_flag("verbose"); let verbose = matches.get_flag("verbose");
let target_pid = matches.get_one::<String>("pid"); let target_pid = matches.get_one::<String>("pid");
let output_file = matches.get_one::<String>("output");
println!("Ghost v0.1.0 - Process Injection Detection\n"); println!("Ghost v0.1.0 - Process Injection Detection\n");
@@ -99,10 +107,11 @@ fn main() -> Result<()> {
println!("Scan completed with {} access errors", error_count); println!("Scan completed with {} access errors", error_count);
} }
if detections.is_empty() { // Handle output
println!("No suspicious activity detected."); let output_content = if detections.is_empty() {
"No suspicious activity detected.".to_string()
} else { } else {
println!("Found {} suspicious processes:\n", detections.len()); let mut content = format!("Found {} suspicious processes:\n\n", detections.len());
for detection in detections { for detection in detections {
let level_str = match detection.threat_level { let level_str = match detection.threat_level {
@@ -111,19 +120,31 @@ fn main() -> Result<()> {
_ => "CLEAN", _ => "CLEAN",
}; };
println!( content.push_str(&format!(
"[{}] {} (PID: {}) - Confidence: {:.1}%", "[{}] {} (PID: {}) - Confidence: {:.1}%\n",
level_str, level_str,
detection.process.name, detection.process.name,
detection.process.pid, detection.process.pid,
detection.confidence * 100.0 detection.confidence * 100.0
); ));
for indicator in &detection.indicators { for indicator in &detection.indicators {
println!(" - {}", indicator); content.push_str(&format!(" - {}\n", indicator));
} }
println!(); content.push('\n');
} }
content
};
if let Some(output_path) = output_file {
use std::fs::File;
use std::io::Write;
let mut file = File::create(output_path)?;
file.write_all(output_content.as_bytes())?;
println!("Results written to {}", output_path);
} else {
print!("{}", output_content);
} }
Ok(()) Ok(())
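Review bot: In the last hunk, `File::create(output_path)` truncates whatever already exists at that path, follows symlinks, and creates the report with default umask permissions; for a detector that is presumably run with elevated privileges (inferred from its purpose, not visible here) this is worth tightening. Consider `std::fs::OpenOptions::new().write(true).create_new(true).open(output_path)?` so an existing file or a pre-planted link is refused, and on Unix add `.mode(0o600)` via `std::os::unix::fs::OpenOptionsExt`, since the report names flagged processes. `detection.process.name` and the indicator strings are pushed into `content` verbatim, so a process name containing newlines or control characters could forge lines in the saved report; escaping them before `push_str` would keep the file trustworthy for later parsing. The file is also only opened after the scan finishes, so an unwritable path discards the results through `?`; opening it before scanning, or falling back to stdout on error, avoids that. `main` begins and ends outside the visible hunks.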