Modernize terminal output #564

Merged: 8 commits into chainguard-dev:main, Nov 2, 2024

Conversation

tstromberg (Collaborator)

Findings are now grouped by namespace, so it's easy to see all of the network-related functions, for example.

There is a small behavioral difference: diff mode again shows functionality that did not change. Example:

```text
├─ ⚠️ Changed: ../malcontent-samples/linux/clean/ls.x86_64 [✅ LOW → ⚠️ MEDIUM]
│  ≡ discovery [NONE->LOW]
│    +++ system/hostname_get — get computer host name: gethostname
│  ≡ execution [LOW]
│      • shell/TERM — Look up or override terminal settings: TERM
│  ≡ filesystem [LOW]
│    --- directory/traverse — traverse filesystem hierarchy
│      • link_read — read value of a symbolic link: readlink
│  ≡ networking [NONE->LOW]
│    +++ url/embedded — contains embedded HTTPS URLs:
│        https://gnu.org/licenses/gpl.html, https://translationproject.org/team/, https:/…
│  ≡ process [NONE->MEDIUM]
│    +++ name_set — get or set the current process name: __progname
│
```
Non-diff mode looks fairly boring yet compact:

```text
🔎 Scanning "../malcontent-samples/windows/2024.Sharp/sharpil_RAT.exe"
├─ 🚨 ../malcontent-samples/windows/2024.Sharp/sharpil_RAT.exe [🚨 CRITICAL]
│  ≡ credential [LOW]
│    • password — references a 'password': Passwords
│  ≡ data [MEDIUM]
│    • embedded/app_manifest — Contains embedded Microsoft Windows application manifest:
│        requestedExecutionLevel, requestedPrivileges
│  ≡ hardware [LOW]
│    • wireless — wireless network base station ID: BSSID
│  ≡ networking [MEDIUM]
│    • download — download files: DownloadString, Downloads
│  ≡ third-party [CRITICAL]
│    • ditekshen/telegramchatbot — Detects executables using Telegram Chat Bot, by ditekSHen:
│        $p1, $p2, $s1, $s2, $s4
│    • threat_hunting/telegram — references 'telegram' tool, by mthcht:
│        $string2_telegram_greyware_tool_keyword
│
```
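
To make the grouping and diff semantics described above concrete, here is an added Go example; it is not code from this PR or from the project's pkg/render/terminal.go. It indexes two constructed scan results by namespace, takes each namespace's risk as the highest risk among its rules (NONE when the namespace is absent from one side), and prints the same tree shape as the output quoted above: `+++` for a rule only in the new scan, `---` for a rule only in the old scan, and `•` for a rule present in both. The `Behavior` type, the five-level `Risk` scale, the `rule: description` separator and the sample findings are assumptions made for this example; the sample findings are loosely modelled on the ls.x86_64 diff quoted above and are not real scan results.

```go
package main

import (
	"fmt"
	"sort"
	"strings"
)

// Risk mirrors the NONE/LOW/MEDIUM/HIGH/CRITICAL scale in the PR output (assumed scale).
type Risk int

const (
	None Risk = iota
	Low
	Medium
	High
	Critical
)

func (r Risk) String() string { return [...]string{"NONE", "LOW", "MEDIUM", "HIGH", "CRITICAL"}[r] }

// Behavior is one matched rule (assumed shape): namespace such as "discovery",
// rule path such as "system/hostname_get", a description, and the rule's risk.
type Behavior struct {
	Namespace, Rule, Desc string
	Risk                  Risk
}

// key identifies a rule across scans; the NUL separator keeps namespace order exact when keys are sorted.
func key(b Behavior) string { return b.Namespace + "\x00" + b.Rule }

// maxRisk is the highest risk in namespace ns (whole scan when ns == ""); an absent namespace yields NONE.
func maxRisk(bs []Behavior, ns string) (r Risk) {
	for _, b := range bs {
		if (ns == "" || b.Namespace == ns) && b.Risk > r {
			r = b.Risk
		}
	}
	return r
}

// Transition renders "[LOW]" for an unchanged risk and "[NONE->LOW]" for one that moved.
func Transition(before, after Risk) string {
	if before == after {
		return fmt.Sprintf("[%s]", after)
	}
	return fmt.Sprintf("[%s->%s]", before, after)
}

// RenderDiff draws the grouped tree: "+++" rules only in the new scan, "---" only in the old, "•" in both.
func RenderDiff(path string, before, after []Behavior) string {
	old, cur := map[string]Behavior{}, map[string]Behavior{}
	for _, b := range before {
		old[key(b)] = b
	}
	for _, b := range after {
		cur[key(b)] = b
	}
	// Union of both scans sorted by namespace then rule, so a header is emitted when the namespace changes.
	all := append([]Behavior{}, after...)
	for _, b := range before {
		if _, seen := cur[key(b)]; !seen {
			all = append(all, b)
		}
	}
	sort.Slice(all, func(i, j int) bool { return key(all[i]) < key(all[j]) })
	var sb strings.Builder
	fmt.Fprintf(&sb, "├─ Changed: %s %s\n", path, Transition(maxRisk(before, ""), maxRisk(after, "")))
	ns := ""
	for _, b := range all {
		if b.Namespace != ns {
			ns = b.Namespace
			fmt.Fprintf(&sb, "│  ≡ %s %s\n", ns, Transition(maxRisk(before, ns), maxRisk(after, ns)))
		}
		_, wasThere := old[key(b)]
		_, isThere := cur[key(b)]
		switch {
		case isThere && !wasThere:
			fmt.Fprintf(&sb, "│    +++ %s: %s\n", b.Rule, b.Desc)
		case wasThere && !isThere:
			fmt.Fprintf(&sb, "│    --- %s: %s\n", b.Rule, b.Desc)
		default:
			fmt.Fprintf(&sb, "│      • %s: %s\n", b.Rule, b.Desc)
		}
	}
	return sb.String()
}

// Constructed sample input, loosely modelled on the ls.x86_64 diff in the PR text; not real scan output.
var SampleBefore = []Behavior{
	{"execution", "shell/TERM", "look up or override terminal settings", Low},
	{"filesystem", "directory/traverse", "traverse filesystem hierarchy", Low},
}

var SampleAfter = []Behavior{
	{"discovery", "system/hostname_get", "get computer host name", Low},
	{"execution", "shell/TERM", "look up or override terminal settings", Low},
	{"networking", "url/embedded", "contains embedded HTTPS URLs", Low},
	{"process", "name_set", "get or set the current process name", Medium},
}

func main() {
	fmt.Print(RenderDiff("ls.x86_64", SampleBefore, SampleAfter))
}
```

Sorting the union of both scans by (namespace, rule) is what makes the grouping fall out naturally: a namespace header is emitted whenever the prefix changes, and a namespace whose only rule disappeared still appears with a `[LOW->NONE]` header instead of silently vanishing, which is the kind of regression a reviewer comparing two builds wants to notice.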

tstromberg requested a review from egibs, November 1, 2024 20:34

egibs (Member) left a comment:


This is great! Really nice UX improvement.

Review comment on pkg/render/terminal.go (outdated, resolved)

tstromberg enabled auto-merge (squash), November 2, 2024 20:50
tstromberg merged commit 4d6d3b4 into chainguard-dev:main, Nov 2, 2024
8 checks passed