mbr-forensic 0.4.0

Forensic MBR parser — structure, anomaly detection, gap analysis, slack-space carving, and filesystem fingerprinting
//! Known boot-sector-malware marker detection.
//!
//! The marker data and the matching logic are centralized in the
//! `forensicnomicon` knowledge crate ([`forensicnomicon::bootkit`]); this module
//! re-exports them so existing `mbr_forensic::bootkit::{scan, KNOWN_SIGNATURES}`
//! call sites keep working. A match raises [`crate::AnomalyKind::KnownBootkit`].

pub use forensicnomicon::bootkit::{scan, BootkitMarker, BOOTKIT_MARKERS as KNOWN_SIGNATURES};