Expand description
Core business logic: scanning, diffing, killing, and session management.
Modules§
- alerts
- Alert rule evaluation engine.
- bandwidth
- System-wide bandwidth estimation.
- container
- Container name resolution for Docker/Podman.
- firewall
- Firewall quick-block: generate and execute commands to block a remote IP.
- killer
- Process termination (SIGTERM / SIGKILL).
- namespace
- Network namespace awareness (Linux only).
- process_
detail - Enhanced process detail: cwd, environment, open files, CPU/RAM.
- scanner
- Port scanning, diffing, filtering, sorting, and export.
- session
- Session management — encapsulates the refresh/diff/retain/sort cycle.
- suspicious
- Heuristic detection of suspicious network connections.