Skip to main content

mbr_forensic/
bootkit.rs

1//! Known boot-sector-malware marker detection.
2//!
3//! The marker data and the matching logic are centralized in the
4//! `forensicnomicon` knowledge crate ([`forensicnomicon::bootkit`]); this module
5//! re-exports them so existing `mbr_forensic::bootkit::{scan, KNOWN_SIGNATURES}`
6//! call sites keep working. A match raises [`crate::AnomalyKind::KnownBootkit`].
7
8pub use forensicnomicon::bootkit::{scan, BootkitMarker, BOOTKIT_MARKERS as KNOWN_SIGNATURES};