hidden/HiddenCLI/cli.txt


hiddencli [mode] [connection] [perform] <command>
hiddencli /help

mode:

	By default perform current commands

	/install [%driver%]
	  Install commands to registry without execution, driver will load them on start. If this flag is set 
	  connection parameters shouldn't be set. Optional parameter is used for set valid registry path if
	  driver name is changed, by default "hidden"

	/uninstall [%driver%]
	  Uninstall all configs from registry. This flag is all-sufficient therefore if this flag is set
	  no other parameters and commands should be set after

connection:
	
	/gate <%name%>
	  Set specific connection gate name (driver device name)

perform:

	By default perform one command by one execution

	/multi
	  Enable multiple commands per execution, just type commands one by one without any separator

	/config <%path%>
	  Loads multiple commands from file, each command should be on separate line

commands:

	/state <on|off>
		Enable or disable enforcement (hiding, protecting, ignoring etc)
	
	/query state
		Get enforcement state

	/hide <file|dir|regval|regkey> <%path%>
		Hide filesystem or registry object by path
		
	/unhide <file|dir|regval|regkey> all
		Unhide all filesystem or registry object by selected type
	
	/unhide <file|dir|regval|regkey> <%ruleid%>
		Unhide all filesystem or registry object by selected type and rule ID

	/ignore image [inherit:<none|always|once>] [apply:<fornew|forall>] <%path%>
		Set rule that allows to see hidden filesystem and registry objects for processes with specific image path
		
	/unignore <%ruleid%>
		Remove rule that allows to see hidden filesystem and registry objects by rule ID
		
	/unignore all
		Remove all rules that allow to see hidden filesystem and registry objects
	
	/ignore pid [inherit:<none|always|once>] <%pid%>
		Turn on abillity to see hidden filesystem and registry objects for specific process by PID
		
	/unignore pid <%pid%>
		Turn off abillity to see hidden filesystem and registry objects for specific process by PID

	/protect image [inherit:<none|always|once>] [apply:<fornew|forall>] <%path%>
		Set rule that allows to enable process protection for processes with specific image path
	
	/unprotect <%ruleid%>
		Remove rule that enables process protection by rule ID
	
	/unprotect all
		Remove all rules that enable process protection

	/protect pid [inherit:<none|always|once>] <%pid%>
		Turn on protection for specific process by PID
		
	/unprotect pid <%pid%>
		Turn off protection for specific process by PID

	/query process <%pid%>
		Query information about state of the process by PID

options:

  inherit:none
    Disable inheritance of the protected or ignored state

  inherit:once
    Child process will inherit the same state but its children no

  inherit:always
    Child process will inherit the same state and its children too

  apply:forall
    Apply policy for existing processes and for all new processes

  apply:fornew
    Don't apply policy for existing processes only for new
HiddenCLI first steps 2016-12-04 19:27:46 +00:00
Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`hiddencli [mode] [connection] [perform] <command>`
Fixed issue with avoiding parent process checking and etc 2016-12-10 11:22:49 +00:00			`hiddencli /help`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00
Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`mode:`

			`By default perform current commands`

			`/install [%driver%]`
			`Install commands to registry without execution, driver will load them on start. If this flag is set`
			`connection parameters shouldn't be set. Optional parameter is used for set valid registry path if`
			`driver name is changed, by default "hidden"`

/install and /uninstall commands 2016-12-23 00:05:09 +00:00			`/uninstall [%driver%]`
			`Uninstall all configs from registry. This flag is all-sufficient therefore if this flag is set`
			`no other parameters and commands should be set after`

HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`connection:`
Design for the commands 2016-12-05 22:37:18 +00:00
Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/gate <%name%>`
/install and /uninstall commands 2016-12-23 00:05:09 +00:00			`Set specific connection gate name (driver device name)`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00
Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`perform:`

			`By default perform one command by one execution`

			`/multi`
			`Enable multiple commands per execution, just type commands one by one without any separator`

/install and /uninstall commands 2016-12-23 00:05:09 +00:00			`/config <%path%>`
Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`Loads multiple commands from file, each command should be on separate line`

HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`commands:`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/state <on\|off>`
Added 'state' command 2016-12-12 20:40:35 +00:00			`Enable or disable enforcement (hiding, protecting, ignoring etc)`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/query state`
Added 'state' command 2016-12-12 20:40:35 +00:00			`Get enforcement state`
Added 'query' command 2016-12-09 20:27:27 +00:00
Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/hide <file\|dir\|regval\|regkey> <%path%>`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Hide filesystem or registry object by path`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/unhide <file\|dir\|regval\|regkey> all`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Unhide all filesystem or registry object by selected type`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/unhide <file\|dir\|regval\|regkey> <%ruleid%>`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Unhide all filesystem or registry object by selected type and rule ID`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/ignore image [inherit:<none\|always\|once>] [apply:<fornew\|forall>] <%path%>`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Set rule that allows to see hidden filesystem and registry objects for processes with specific image path`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/unignore <%ruleid%>`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Remove rule that allows to see hidden filesystem and registry objects by rule ID`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/unignore all`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Remove all rules that allow to see hidden filesystem and registry objects`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/ignore pid [inherit:<none\|always\|once>] <%pid%>`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Turn on abillity to see hidden filesystem and registry objects for specific process by PID`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/unignore pid <%pid%>`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Turn off abillity to see hidden filesystem and registry objects for specific process by PID`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/protect image [inherit:<none\|always\|once>] [apply:<fornew\|forall>] <%path%>`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Set rule that allows to enable process protection for processes with specific image path`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/unprotect <%ruleid%>`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Remove rule that enables process protection by rule ID`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/unprotect all`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Remove all rules that enable process protection`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/protect pid [inherit:<none\|always\|once>] <%pid%>`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Turn on protection for specific process by PID`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/unprotect pid <%pid%>`
HiddenCLI first steps 2016-12-04 19:27:46 +00:00			`Turn off protection for specific process by PID`

Added new cli mode /multi 2016-12-14 23:29:27 +00:00			`/query process <%pid%>`
Added 'state' command 2016-12-12 20:40:35 +00:00			`Query information about state of the process by PID`
Configs installation to registry 2016-12-25 20:56:18 +00:00
			`options:`

			`inherit:none`
			`Disable inheritance of the protected or ignored state`

			`inherit:once`
			`Child process will inherit the same state but its children no`

			`inherit:always`
			`Child process will inherit the same state and its children too`

			`apply:forall`
			`Apply policy for existing processes and for all new processes`

			`apply:fornew`
			`Don't apply policy for existing processes only for new`