Merge pull request #131 from macmade/main

Chrome History - Cheking extracted URLs against indicators.
2024-06-25 22:08:55 +00:00 · 2021-07-29 13:48:34 +02:00 · 2021-07-29 13:48:34 +02:00 · 1bf7f54c72
commit 1bf7f54c72
parent 60a2dbb860 5e03c28dbd
1 changed files with 8 additions and 0 deletions
--- a/mvt/ios/modules/fs/chrome_history.py
+++ b/mvt/ios/modules/fs/chrome_history.py
@ -35,6 +35,14 @@ class ChromeHistory(IOSExtraction):
            "data": f"{record['id']} - {record['url']} (visit ID: {record['visit_id']}, redirect source: {record['redirect_source']})"
        }

+    def check_indicators(self):
+        if not self.indicators:
+            return
+
+        for result in self.results:
+            if self.indicators.check_domain(result["url"]):
+                self.detected.append(result)
+
    def run(self):
        self._find_ios_database(backup_ids=CHROME_HISTORY_BACKUP_IDS, root_paths=CHROME_HISTORY_ROOT_PATHS)
        self.log.info("Found Chrome history database at path: %s", self.file_path)