WHAT DOES TXHUNTER COLLECT?

 

System:   System information, memory information, name, CPU model etc.

Process:   Running processes information, process id and parent id of the process, process name and command line etc.

Network:   Network connection information of processes and open ports, remote connection IP address, local binding ports..

Autorun:   System startup applications and services which can be automatically executed when the system boots up.

Event:   Windows system and application logs.

Policy:   Windows firewall rules which allow incoming and outgoing network connections.

File:   Files that users opened or executed before.

SysModule:   Windows drivers that are installed on your system.

KernelInfo:   Reports detectionof the IDT, GDT, SSDT, Shadow SSDT, hidden process information etc.