ghost-cli/src/main.rs

use anyhow::Result;
use ghost_core::{memory, process, thread, DetectionEngine, ThreatLevel};

fn main() -> Result<()> {
    env_logger::init();

    println!("Ghost v0.1.0 - Process Injection Detection\n");

    let mut engine = DetectionEngine::new();
    let processes = process::enumerate_processes()?;

    println!("Scanning {} processes...\n", processes.len());

    let mut detections = Vec::new();

    for proc in &processes {
        if let Ok(regions) = memory::enumerate_memory_regions(proc.pid) {
            // Get thread information if available
            let threads = thread::enumerate_threads(proc.pid).ok();
            let result = engine.analyze_process(proc, &regions, threads.as_deref());

            if result.threat_level != ThreatLevel::Clean {
                detections.push(result);
            }
        }
    }

    if detections.is_empty() {
        println!("No suspicious activity detected.");
    } else {
        println!("Found {} suspicious processes:\n", detections.len());

        for detection in detections {
            let level_str = match detection.threat_level {
                ThreatLevel::Suspicious => "SUSPICIOUS",
                ThreatLevel::Malicious => "MALICIOUS",
                _ => "CLEAN",
            };

            println!(
                "[{}] {} (PID: {}) - Confidence: {:.1}%",
                level_str,
                detection.process.name,
                detection.process.pid,
                detection.confidence * 100.0
            );

            for indicator in &detection.indicators {
                println!("  - {}", indicator);
            }
            println!();
        }
    }

    Ok(())
}
add basic CLI for testing enumeration 2025-11-07 18:05:07 +02:00			`use anyhow::Result;`
integrate thread enumeration into CLI scanning 2025-11-08 11:09:18 +02:00			`use ghost_core::{memory, process, thread, DetectionEngine, ThreatLevel};`
add basic CLI for testing enumeration 2025-11-07 18:05:07 +02:00
			`fn main() -> Result<()> {`
			`env_logger::init();`

integrate detection engine into CLI 2025-11-07 18:08:21 +02:00			`println!("Ghost v0.1.0 - Process Injection Detection\n");`
add basic CLI for testing enumeration 2025-11-07 18:05:07 +02:00
integrate detection engine into CLI 2025-11-07 18:08:21 +02:00			`let mut engine = DetectionEngine::new();`
add basic CLI for testing enumeration 2025-11-07 18:05:07 +02:00			`let processes = process::enumerate_processes()?;`

integrate detection engine into CLI 2025-11-07 18:08:21 +02:00			`println!("Scanning {} processes...\n", processes.len());`
add basic CLI for testing enumeration 2025-11-07 18:05:07 +02:00
integrate detection engine into CLI 2025-11-07 18:08:21 +02:00			`let mut detections = Vec::new();`

			`for proc in &processes {`
add basic CLI for testing enumeration 2025-11-07 18:05:07 +02:00			`if let Ok(regions) = memory::enumerate_memory_regions(proc.pid) {`
integrate thread enumeration into CLI scanning 2025-11-08 11:09:18 +02:00			`// Get thread information if available`
			`let threads = thread::enumerate_threads(proc.pid).ok();`
			`let result = engine.analyze_process(proc, &regions, threads.as_deref());`
integrate detection engine into CLI 2025-11-07 18:08:21 +02:00
			`if result.threat_level != ThreatLevel::Clean {`
			`detections.push(result);`
			`}`
			`}`
			`}`

			`if detections.is_empty() {`
			`println!("No suspicious activity detected.");`
			`} else {`
			`println!("Found {} suspicious processes:\n", detections.len());`

			`for detection in detections {`
			`let level_str = match detection.threat_level {`
			`ThreatLevel::Suspicious => "SUSPICIOUS",`
			`ThreatLevel::Malicious => "MALICIOUS",`
			`_ => "CLEAN",`
			`};`

			`println!(`
			`"[{}] {} (PID: {}) - Confidence: {:.1}%",`
			`level_str,`
			`detection.process.name,`
			`detection.process.pid,`
			`detection.confidence * 100.0`
			`);`
add basic CLI for testing enumeration 2025-11-07 18:05:07 +02:00
integrate detection engine into CLI 2025-11-07 18:08:21 +02:00			`for indicator in &detection.indicators {`
			`println!(" - {}", indicator);`
add basic CLI for testing enumeration 2025-11-07 18:05:07 +02:00			`}`
integrate detection engine into CLI 2025-11-07 18:08:21 +02:00			`println!();`
add basic CLI for testing enumeration 2025-11-07 18:05:07 +02:00			`}`
			`}`

			`Ok(())`
			`}`