Crate peripheral_forensic 

peripheral-forensic — graded anomaly auditor over external-device connections.

Consumes peripheral_core::DeviceConnection records and emits forensicnomicon::report::Findings. Every anomaly is an observation (“consistent with …”); the examiner draws the conclusions. MITRE techniques are narrated as consistency, never as a verdict.

Enums

DeviceAnomaly

A graded external-device anomaly.

Functions

audit

Audit a slice of DeviceConnections into a typed DeviceAnomaly stream.

audit_findings

Convenience: audit and convert directly to graded Findings.

source

The Source stamp for findings this analyzer emits.