
@iota-big3/sdk-security


Advanced security features including zero trust, quantum-safe crypto, and ML threat detection

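/**
 * Memory Forensics Analyzer
 * Analyzes memory dumps for malware, suspicious processes, and IOCs.
 *
 * This is a generated declaration file (see the sourceMappingURL trailer);
 * any change made here must be mirrored in the implementation source so the
 * next build does not revert it.
 */
import { EventEmitter } from 'events';
import { AnalysisResult, Artifact, ForensicAnalysisType, ForensicAnalyzer, ForensicEvidence } from '../types';
export declare class MemoryAnalyzer extends EventEmitter implements ForensicAnalyzer {
    /** Analyzer discriminator required by the ForensicAnalyzer contract; fixed to MEMORY. */
    readonly type = ForensicAnalysisType.MEMORY;
    // Field types are not visible in this declaration; see the implementation for their shape.
    private knownGoodProcesses;
    private suspiciousPatterns;
    private malwareSignatures;
    constructor();
    /**
     * Analyze memory dump.
     * @param evidence - the memory-dump evidence item to analyze
     * @returns the analysis result for that evidence
     */
    analyze(evidence: ForensicEvidence): Promise<AnalysisResult>;
    /**
     * Validate memory dump.
     * @param evidence - the evidence item to check
     * @returns true when the evidence is accepted as a usable memory dump
     */
    validate(evidence: ForensicEvidence): Promise<boolean>;
    /**
     * Extract artifacts from memory.
     * @param evidence - the memory-dump evidence item to extract from
     * @param options - implementation-specific extraction options. Declared as
     *   `unknown` rather than `any` so that nothing can be dereferenced on it
     *   without a runtime check; the implementation must narrow it.
     * @returns the extracted artifacts
     */
    extract(evidence: ForensicEvidence, options?: unknown): Promise<Artifact[]>;
    /**
     * Generate report.
     * @param analysis - a result previously produced by analyze()
     * @returns the rendered report text
     */
    generateReport(analysis: AnalysisResult): Promise<string>;
    /**
     * Export findings.
     * @param analysis - a result previously produced by analyze()
     * @param format - output format name. Helpers for CSV and STIX export are
     *   declared below, so those two are presumably accepted; confirm the full
     *   set and the behaviour for an unknown name against the implementation.
     * @returns the serialized export
     */
    exportFindings(analysis: AnalysisResult, format: string): Promise<Buffer>;
    /**
     * Private helper methods (bodies live in the implementation file).
     */
    // Dump parsing and per-area analysis passes.
    private parseMemoryDump;
    private analyzeProcesses;
    private analyzeNetworkConnections;
    private analyzeModules;
    private analyzeInjections;
    private analyzeHooks;
    private extractStrings;
    private buildTimeline;
    private isProcessMasquerading;
    private categorizeStrings;
    private formatBytes;
    // Export back-ends used by exportFindings().
    private exportToCSV;
    private exportToSTIX;
    private iocToSTIXPattern;
    // Raw extraction of header and embedded data used by extract().
    private readHeader;
    private extractExecutables;
    private extractNetworkData;
    private extractRegistryHives;
    private generateConclusion;
    // NOTE(review): mock-data generators are declared alongside the real analysis
    // passes. Whether analyze() can fall back to them (and under what condition)
    // is not visible here; confirm before treating findings as forensic evidence.
    private generateMockProcesses;
    private generateMockConnections;
    private generateMockModules;
    private generateMockInjections;
    private generateMockHooks;
}
//# sourceMappingURL=memory-analyzer.d.ts.map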