{"id":18797201,"url":"https://github.com/whots/rosaryac-rs","last_synced_at":"2026-02-17T21:37:59.435Z","repository":{"id":236186283,"uuid":"792095197","full_name":"WHots/RosaryAC-rs","owner":"WHots","description":"Experimental enduser threat detection system.","archived":false,"fork":false,"pushed_at":"2025-01-27T23:02:01.000Z","size":215,"stargazers_count":7,"open_issues_count":0,"forks_count":1,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-10-21T07:33:50.976Z","etag":null,"topics":["anticheats","edr","gamecheats","rust","rust-lang","security","security-tools","threat-hunting","threat-intelligence","windows"],"latest_commit_sha":null,"homepage":"","language":"Rust","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/WHots.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2024-04-26T01:01:47.000Z","updated_at":"2025-01-27T23:02:05.000Z","dependencies_parsed_at":"2024-04-26T02:28:44.623Z","dependency_job_id":"288b14ce-b571-4d55-b8f9-82349db2706e","html_url":"https://github.com/WHots/RosaryAC-rs","commit_stats":null,"previous_names":["whots/heartbeat-ai-rs","whots/snapshot-rs","whots/rosaryac-rs"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/WHots/RosaryAC-rs","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WHots%2FRosaryAC-rs","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WHots%2FRosaryAC-rs/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WHots%2FRosaryAC-rs/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WHots%2FRosaryAC-rs/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/WHots","download_url":"https://codeload.github.com/WHots/RosaryAC-rs/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/WHots%2FRosaryAC-rs/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":29558812,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-02-17T20:52:40.164Z","status":"ssl_error","status_checked_at":"2026-02-17T20:48:10.325Z","response_time":100,"last_error":"SSL_read: unexpected eof while reading","robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":false,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["anticheats","edr","gamecheats","rust","rust-lang","security","security-tools","threat-hunting","threat-intelligence","windows"],"created_at":"2024-11-07T22:07:27.762Z","updated_at":"2026-02-17T21:37:54.417Z","avatar_url":"https://github.com/WHots.png","language":"Rust","funding_links":[],"categories":[],"sub_categories":[],"readme":"# RosaryEDR - Proof of Concept User Mode EDR / Threat Detection System (Work in Progress)\n\n## About The Project\nRosaryEDR is a **proof of concept (PoC)** user mode Endpoint Detection and Response (EDR) / Threat Detection System designed to identify and report suspicious activities on endpoints. This project is experimental and focuses solely on threat detection and notification, without active threat elimination.\n\n**Project Change Log**\n- **Date:** 8/6/2024\n- **Update:** The project has transitioned to a user-mode EDR / Threat Detection System.\n- **Date:** ~~5/13/2024~~\n- **Update:** ~~The project has transitioned to an Anti-Cheat user client.~~\n\nThis application is intended as a PoC for those interested in endpoint security mechanisms. It is important to note that RosaryEDR **does not provide resources for executing or reversing malicious activities**. Additionally, it is not designed to target or single out any specific threat actor.\n\n### Built With\n- **Rust Language:** The core of RosaryEDR is built using Rust, known for its safety and performance.\n\n### Prerequisites\nTo work with RosaryEDR, you must have Rust and Cargo installed on your system. You can install them using rustup, which is available [here](https://rustup.rs/).\n\n## EDR Rules and Limitations\n\n### Core Operational Rules\n1. **Detection Only Mode:**\n   - The system operates in a **detection-only** mode\n   - Will NOT attempt to eliminate or neutralize threats\n   - Only provides notification and documentation of detected threats\n\n2. **System Interaction Restrictions:**\n   - CANNOT interact with system processes\n   - CANNOT write into process memory\n   - CANNOT modify any system settings or configurations\n\n3. **Network Restrictions:**\n   - Operates 100% offline\n   - NO third-party network connections\n   - NO downloading or uploading of files\n   - NO external data fetching\n\n4. **File System Operations:**\n   - CAN create its own directories and files\n   - CAN only write to files/directories it has created\n   - CANNOT modify any existing system files\n\n### Threat Detection Requirements\n1. **Evidence Requirements:**\n   - Must provide concrete proof of active threats\n   - Must document interactions with protected processes\n   - Static presence of potentially harmful software is NOT sufficient for alert\n\n2. **Documentation Required:**\n   - Must capture screen evidence of detected threats\n   - Must create a detailed snapshot of threat characteristics\n   - Must maintain logs of detection events\n\n### Privacy and Security\n1. **Information Gathering:**\n   - Only collects runtime information\n   - NO collection of personally identifiable information\n   - NO persistent tracking of user activities\n\n2. **Data Storage:**\n   - All data stored locally\n   - NO cloud storage or transmission\n   - Only stores information relevant to threat detection\n\n---\n\n**Note:** As this project is a work in progress, these rules and requirements may be subject to refinement. The focus remains on creating a secure, privacy-respecting threat detection system that operates within strict ethical boundaries.\n\nFor any issues or feature requests, please refer to the [issues section](#).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwhots%2Frosaryac-rs","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fwhots%2Frosaryac-rs","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fwhots%2Frosaryac-rs/lists"}