WHAT DOES TXHUNTER COLLECT?
System: System information, memory information, name, CPU model etc.
Process: Running processes information, process id and parent id of the process, process name and command line etc.
Network: Network connection information of processes and open ports, remote connection IP address, local binding ports..
Autorun: System startup applications and services which can be automatically executed when the system boots up.
Event: Windows system and application logs.
Policy: Windows firewall rules which allow incoming and outgoing network connections.
File: Files that users opened or executed before.
SysModule: Windows drivers that are installed on your system.
KernelInfo: Reports detectionof the IDT, GDT, SSDT, Shadow SSDT, hidden process information etc.