@iota-big3/sdk-security
Advanced security features including zero trust, quantum-safe crypto, and ML threat detection
/**
* Disk Forensics Analyzer
* Analyzes disk images for deleted files, artifacts, and timeline reconstruction
*/
import { EventEmitter } from 'events';
import { AnalysisResult, Artifact, ForensicAnalysisType, ForensicAnalyzer, ForensicEvidence } from '../types';
/**
* Type declaration of the disk forensic analyzer: an EventEmitter that
* implements the ForensicAnalyzer contract with its type fixed to
* ForensicAnalysisType.DISK.
*
* This is a declaration only. Private members are listed by name with their
* types erased, so nothing here shows how an image is parsed, which events
* are emitted, or how findings are scored.
*
* NOTE(review): several private members are named generateMock* (timeline,
* deleted files, carved files, registry, browser artifacts, prefetch). That
* suggests at least part of the output may be synthesized rather than parsed
* from the evidence. Confirm against the implementation before treating any
* result as a finding in a real investigation.
*/
export declare class DiskAnalyzer extends EventEmitter implements ForensicAnalyzer {
/** Analysis type tag; always ForensicAnalysisType.DISK for this analyzer. */
readonly type = ForensicAnalysisType.DISK;
/**
* Private lookup state (types erased in this declaration).
* NOTE(review): the names suggest indicator lists (paths, hashes, browser
* locations) set up by the constructor. Confirm where the values come from
* and how they are updated; a static hash list goes stale.
*/
private suspiciousFiles;
private knownMalwareHashes;
private browserPaths;
constructor();
/**
* Analyze a disk image.
*
* @param evidence the evidence item to analyze
* @returns a promise resolving to the AnalysisResult
*
* NOTE(review): the declaration does not show whether analyze() calls
* validate() itself. Callers handling images from an untrusted source
* should presumably validate first (to be confirmed).
*/
analyze(evidence: ForensicEvidence): Promise<AnalysisResult>;
/**
* Validate a disk image.
*
* @param evidence the evidence item to check
* @returns a promise resolving to true or false; the criteria are not
* visible in this declaration
*
* NOTE(review): a private readHeader member exists, so this is presumably a
* header/format check. Do not read `true` as proof of evidence integrity
* unless the implementation also verifies a hash (to be confirmed).
*/
validate(evidence: ForensicEvidence): Promise<boolean>;
/**
* Extract artifacts from a disk image.
*
* @param evidence the evidence item to extract from
* @param options optional settings; declared as `any`, so the compiler
* checks nothing about its shape. Callers passing externally supplied
* options must validate them on their own.
* @returns a promise resolving to the extracted Artifact list
*/
extract(evidence: ForensicEvidence, options?: any): Promise<Artifact[]>;
/**
* Generate a report from a completed analysis.
*
* @param analysis the result to report on
* @returns a promise resolving to the report as a string; the report
* format is not declared here
*/
generateReport(analysis: AnalysisResult): Promise<string>;
/**
* Export findings in the requested format.
*
* @param analysis the result to export
* @param format free-form string; the accepted values and the behaviour
* for an unknown value are not declared here
* @returns a promise resolving to the exported bytes
*
* NOTE(review): private exportTimeline / exportForensicXML members hint at
* timeline and XML outputs. File names and paths recovered from an image
* are attacker-influenced data; verify that escapeXML is applied to every
* evidence-derived value written into the XML export.
*/
exportFindings(analysis: AnalysisResult, format: string): Promise<Buffer>;
/**
* Private helper members. Signatures are erased by the declaration emitter,
* so only the names are known here; any behaviour inferred from a name
* needs to be checked in the implementation.
*/
private parseDiskImage;
private analyzeTimeline;
private analyzeDeletedFiles;
private analyzeCarvedFiles;
private analyzeRegistry;
private analyzeBrowserArtifacts;
private analyzePrefetch;
private isSuspiciousPath;
private isSuspiciousDownload;
private getArtifactType;
private extractFilePathFromRegistry;
private isRenamedExecutable;
private generateConclusion;
private formatBytes;
private exportTimeline;
private exportForensicXML;
private escapeXML;
private readHeader;
private extractDeletedFiles;
private extractRegistryHives;
private extractBrowserData;
private extractLogFiles;
/**
* NOTE(review): mock-data generators. Their presence in a shipped analyzer
* is the main thing to check: confirm whether analyze()/extract() fall back
* to these and, if so, whether the result is marked as synthetic.
*/
private generateMockTimeline;
private generateMockDeletedFiles;
private generateMockCarvedFiles;
private generateMockRegistry;
private generateMockBrowserArtifacts;
private generateMockPrefetch;
private generateRandomPath;
/** Private state, type erased; presumably an allow-list of process names (to be confirmed). */
private knownGoodProcesses;
}
//# sourceMappingURL=disk-analyzer.d.ts.map