Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add linux hidden_modules plugin #1283

Open
wants to merge 10 commits into
base: develop
Choose a base branch
from
Open

Add linux hidden_modules plugin #1283

wants to merge 10 commits into from

Commits on Oct 1, 2024

  1. Refactor of module object. Adding function helpers to simplify the co… 

    …ntrol of exceptions and errors and consolidate everything on them.
    @gcmoreira
    gcmoreira committed Oct 1, 2024
    Configuration menu
    Copy the full SHA
    6cd39c0 View commit details
    Browse the repository at this point in the history

  2. Add linux.hidden_modules plugin

    @gcmoreira
    gcmoreira committed Oct 1, 2024
    Configuration menu
    Copy the full SHA
    5dee3ae View commit details
    Browse the repository at this point in the history

  3. Allow any module state value in both traditional and fast scan methods

    @gcmoreira
    gcmoreira committed Oct 1, 2024
    Configuration menu
    Copy the full SHA
    d5e6e7c View commit details
    Browse the repository at this point in the history

Commits on Oct 3, 2024

  1. Make it callable from other plugins. 

    Additionally, classmethod helpers were added, and docstrings were enhanced for improved usability and clarity.
    @gcmoreira
    gcmoreira committed Oct 3, 2024
    Configuration menu
    Copy the full SHA
    590aa9c View commit details
    Browse the repository at this point in the history

  2. Added the --heuristic-mode option, which relaxes constraints to impro… 

    …ve detection of more advanced threats
    @gcmoreira
    gcmoreira committed Oct 3, 2024
    Configuration menu
    Copy the full SHA
    8d925bd View commit details
    Browse the repository at this point in the history

  3. Fix typo in usage help

    @gcmoreira
    gcmoreira committed Oct 3, 2024
    Configuration menu
    Copy the full SHA
    e8754fa View commit details
    Browse the repository at this point in the history

  4. Linux: hidden_modules: Add @Abyss-W4tcher suggestion to optimize the … 

    …fast scan method for even better performance, using the mkobj.mod self referential validation used in module.is_valid() as pre-filter

Removed the --heuristic-mode and the module.states validation, since the self referential check is enough by itself
    @gcmoreira
    gcmoreira committed Oct 3, 2024
    Configuration menu
    Copy the full SHA
    b5948d7 View commit details
    Browse the repository at this point in the history

  5. Linux: hidden_modules: remove missed optional heuristic_mode argument

    @gcmoreira
    gcmoreira committed Oct 3, 2024
    Configuration menu
    Copy the full SHA
    f455c30 View commit details
    Browse the repository at this point in the history

Commits on Oct 16, 2024

  1. linux: hidden_modules: Make the fast method the default. Remove vol2 … 

    …and fall back to a 1-byte alignment scan if addresses aren't aligned to the L1 cache size
    @gcmoreira
    gcmoreira committed Oct 16, 2024
    Configuration menu
    Copy the full SHA
    d98c7eb View commit details
    Browse the repository at this point in the history

  2. linux: hidden_modules: Remove unused module imports

    @gcmoreira
    gcmoreira committed Oct 16, 2024
    Configuration menu
    Copy the full SHA
    0ddd921 View commit details
    Browse the repository at this point in the history