rayhunter

mirror of https://github.com/EFForg/rayhunter.git synced 2026-04-27 07:59:59 -07:00

Author	SHA1	Message	Date
Will Greenberg	3619df32ab	check: give qmdl-path a shorthand arg	2025-01-28 11:02:19 -08:00
Will Greenberg	3e26e61b05	check: don't count informational events as warnings, better logging	2025-01-28 11:02:19 -08:00
Will Greenberg	327eaddcd7	rayhunter-check: pcapify qmdl	2025-01-06 16:24:11 -08:00
Will Greenberg	16f705f29c	Add the test analyzer entirely via daemon flags Also consolidate the duplicate AnalysisWriter implementation	2024-10-08 14:58:46 -07:00
Will Greenberg	df84faa1f9	On-demand analysis of past recordings * rayhunter-daemon: API for triggering and reading analysis * rayhunter-daemon: rename readonly mode to debug mode * rayhunter-daemon: debug mode allows live-loading frontend files * rayhunter-check: rework to handle directories * rayhunter-check: better output * CI: build rayhunter-check	2024-10-08 14:58:46 -07:00
Will Greenberg	861aaedd47	rayhunter-check improvements	2024-08-19 16:49:01 -07:00
Will Greenberg	bfc688ad21	daemon: switch to writing heuristics output to ND-JSON ND-JSON (newline-delimited JSON) is just a file with a list of JSON objects separated by newlines. This way, as the analyzer harness processes new packets, it can simply append JSON-serialized results to a file without parsing the entire thing first. Also simplifies the analysis stuff to all operate in the diag thread.	2024-05-09 14:46:41 -07:00
Will Greenberg	3c932f0ce9	daemon: run analysis in realtime Currently we just show the results of analysis as a <pre> tagged JSON blob, but eventually we can make some actual UI	2024-05-08 14:58:14 -07:00
Will Greenberg	531c10cf29	Add rayhunter-check, a utility for running QMDL heuristics	2024-03-11 18:21:52 -07:00

9 Commits