| Author | Commit | Message | Date |
|---|---|---|---|
| Adir Shitrit | 65768c6600 | add dynamic YARA rule engine | 2025-11-08 13:32:41 +02:00 |
| Adir Shitrit | 94508647fc | add live threat intelligence feeds | 2025-11-08 13:32:13 +02:00 |
| Adir Shitrit | 773b1b4848 | add cloud ML engine for threat detection | 2025-11-08 13:31:52 +02:00 |
| Adir Shitrit | cdb294a365 | Add configuration file support to CLI | 2025-11-08 12:43:11 +02:00 |
| Adir Shitrit | d89444a268 | Add JSON output format support | 2025-11-08 12:40:55 +02:00 |
| Adir Shitrit | fe3e5e3b21 | add configuration system with TOML support | 2025-11-08 12:20:53 +02:00 |
| Adir Shitrit | bb93dcb14c | implement comprehensive testing framework for validation | 2025-11-08 11:48:04 +02:00 |
| Adir Shitrit | e4ad7c6862 | add eBPF kernel tracing for Linux process monitoring | 2025-11-08 11:47:58 +02:00 |
| Adir Shitrit | cd61b89eb5 | update dependencies for async and serialization support | 2025-11-08 11:47:46 +02:00 |
| Adir Shitrit | 279fb8f434 | integrate new detection modules into main engine | 2025-11-08 11:47:39 +02:00 |
| Adir Shitrit | 21dce3ae9e | implement real-time event streaming and alerting | 2025-11-08 11:47:33 +02:00 |
| Adir Shitrit | f961f1eb9b | add anti-analysis evasion detection capabilities | 2025-11-08 11:47:27 +02:00 |
| Adir Shitrit | 0df02e127a | implement threat intelligence lookup and IOC matching | 2025-11-08 11:47:21 +02:00 |
| Adir Shitrit | 095123f405 | add statistical anomaly detection for process analysis | 2025-11-08 11:47:15 +02:00 |
| Adir Shitrit | bae68652e1 | feat: implement comprehensive process hollowing detection | 2025-11-08 11:16:42 +02:00 |
| Adir Shitrit | 7eddbb575a | feat: implement sophisticated shellcode pattern detection | 2025-11-08 11:15:12 +02:00 |
| Adir Shitrit | c65d24cd16 | feat: add Windows hook injection detection (SetWindowsHookEx) | 2025-11-08 11:13:14 +02:00 |
| Adir Shitrit | 47c58f6b50 | add comprehensive unit tests for detection engine | 2025-11-08 11:11:06 +02:00 |
| Adir Shitrit | 1317e27b5e | fix: handle system process PIDs in memory enumeration | 2025-11-08 11:10:29 +02:00 |
| Adir Shitrit | 4740304043 | add creation_time field to ThreadInfo struct | 2025-11-08 11:10:12 +02:00 |
| Adir Shitrit | 6ff3fedc10 | add thread analysis for injection detection | 2025-11-08 11:09:00 +02:00 |
| Adir Shitrit | a726adb185 | add process path resolution for better identification | 2025-11-08 11:08:21 +02:00 |
| Adir Shitrit | c7ae466c05 | add structured error handling with thiserror | 2025-11-08 11:07:48 +02:00 |
| Adir Shitrit | 1aa6f828cf | fix whitespace in memory region type parsing | 2025-11-08 11:06:23 +02:00 |
| Adir Shitrit | ee21be20dc | enhance memory pattern detection heuristics | 2025-11-08 11:06:07 +02:00 |
| Adir Shitrit | 8abd70d48a | add thread enumeration support | 2025-11-07 18:09:06 +02:00 |
| Adir Shitrit | c79e7d6ed6 | add basic detection engine with heuristics | 2025-11-07 18:07:51 +02:00 |
| Adir Shitrit | 19e79449e0 | track parent PID and thread count in ProcessInfo | 2025-11-07 18:07:07 +02:00 |
| Adir Shitrit | 3df61c281f | add memory region enumeration for Windows | 2025-11-07 18:04:12 +02:00 |
| Adir Shitrit | 8b55344d9b | add ghost-core with basic process enumeration | 2025-11-07 18:02:30 +02:00 |