Adir Shitrit | 7eddbb575a | feat: implement sophisticated shellcode pattern detection | 2025-11-08 11:15:12 +02:00
Adir Shitrit | c65d24cd16 | feat: add Windows hook injection detection (SetWindowsHookEx) | 2025-11-08 11:13:14 +02:00
Adir Shitrit | 47c58f6b50 | add comprehensive unit tests for detection engine | 2025-11-08 11:11:06 +02:00
Adir Shitrit | 1317e27b5e | fix: handle system process PIDs in memory enumeration | 2025-11-08 11:10:29 +02:00
Adir Shitrit | 4740304043 | add creation_time field to ThreadInfo struct | 2025-11-08 11:10:12 +02:00
Adir Shitrit | 6ff3fedc10 | add thread analysis for injection detection | 2025-11-08 11:09:00 +02:00
Adir Shitrit | a726adb185 | add process path resolution for better identification | 2025-11-08 11:08:21 +02:00
Adir Shitrit | c7ae466c05 | add structured error handling with thiserror | 2025-11-08 11:07:48 +02:00
Adir Shitrit | 1aa6f828cf | fix whitespace in memory region type parsing | 2025-11-08 11:06:23 +02:00
Adir Shitrit | ee21be20dc | enhance memory pattern detection heuristics | 2025-11-08 11:06:07 +02:00
Adir Shitrit | 8abd70d48a | add thread enumeration support | 2025-11-07 18:09:06 +02:00
Adir Shitrit | c79e7d6ed6 | add basic detection engine with heuristics | 2025-11-07 18:07:51 +02:00
Adir Shitrit | 19e79449e0 | track parent PID and thread count in ProcessInfo | 2025-11-07 18:07:07 +02:00
Adir Shitrit | 3df61c281f | add memory region enumeration for Windows | 2025-11-07 18:04:12 +02:00
Adir Shitrit | 8b55344d9b | add ghost-core with basic process enumeration | 2025-11-07 18:02:30 +02:00