Nex
|
0e2eb51732
|
Fixed checking of indicators in filesystem module
|
2022-01-21 16:30:34 +01:00 |
|
Nex
|
b35cd4bc73
|
Added support for context-aware indicators.
This way when a detection is logged, the user can know which STIX2
file was matched by the module
|
2022-01-21 16:26:58 +01:00 |
|
tek
|
083bc12351
|
Merge branch 'feature/check-file-path'
|
2022-01-20 15:19:37 +01:00 |
|
tek
|
95205d8e17
|
Adds indicators check to iOS TCC module
|
2022-01-18 17:12:20 +01:00 |
|
Nex
|
3e0ef20fcd
|
.
|
2022-01-18 16:05:01 +01:00 |
|
tek
|
38bb583a9e
|
Improves management of file path indicators
|
2022-01-18 15:50:31 +01:00 |
|
tek
|
798805c583
|
Improves Shortcut output
|
2022-01-18 13:06:35 +01:00 |
|
Nex
|
146f2ae57d
|
Renaming check function for consistency
|
2022-01-12 16:02:13 +01:00 |
|
Nex
|
11bc916854
|
Sorted imports
|
2022-01-11 16:02:44 +01:00 |
|
Nex
|
3084876f31
|
Removing unused imports, fixing conditions, new lines
|
2022-01-11 16:02:01 +01:00 |
|
tek
|
15fbedccc9
|
Fixes a minor bug in WebkitResourceLoadStatistics
|
2022-01-10 18:09:31 +01:00 |
|
tek
|
e0514b20dd
|
Catches exception in Shortcuts module if the table does not exist
|
2022-01-10 16:58:12 +01:00 |
|
Donncha Ó Cearbhaill
|
3215e797ec
|
Bug fixes for config profile and shortcut module
|
2021-12-16 22:58:36 +01:00 |
|
Donncha Ó Cearbhaill
|
45b31bb718
|
Add support for identifying known malicious file paths over ADB
|
2021-12-16 19:16:24 +01:00 |
|
Donncha Ó Cearbhaill
|
e10f1767e6
|
Update WhatsApp module to search for links in attachments
|
2021-12-16 18:46:31 +01:00 |
|
Donncha Ó Cearbhaill
|
3f3261511a
|
Add module to search for known malicious or suspicious configuration profiles
|
2021-12-16 17:57:26 +01:00 |
|
Donncha Ó Cearbhaill
|
4cfe75e2d4
|
Add module to parse iOS Shortcuts and search for malicious actions
|
2021-12-16 17:47:08 +01:00 |
|
tek
|
cdd90332f7
|
Adds timeline support to TCC iOS module
|
2021-12-16 13:57:44 +01:00 |
|
tek
|
b25cc48be0
|
Fixes issue in Safari Browser State for older iOS versions
|
2021-12-06 15:04:52 +01:00 |
|
tek
|
40bd9ddc1d
|
Fixes issue with different TCC database versions
|
2021-12-03 20:31:12 +01:00 |
|
Tek
|
deb95297da
|
Merge pull request #219 from workingreact/main
Fix ConfigurationProfiles
|
2021-12-03 19:56:43 +01:00 |
|
tek
|
02014b414b
|
Add warning for Apple notification
|
2021-12-03 19:42:35 +01:00 |
|
tek
|
7dd5fe7831
|
Catch and recover malformed SMS database
|
2021-12-03 17:46:41 +01:00 |
|
workingreact
|
11d1a3dcee
|
fix typo
|
2021-12-02 18:31:07 +01:00 |
|
workingreact
|
74f9db2bf2
|
fix ConfigurationProfiles
|
2021-12-02 16:55:14 +01:00 |
|
Nex
|
512f40dcb4
|
Standardized code with flake8
|
2021-11-19 15:27:51 +01:00 |
|
Nex
|
529df85f0f
|
Sorted imports
|
2021-11-04 12:58:35 +01:00 |
|
panelmix
|
34c997f923
|
Replace NetworkingAnalytics with Analytics
|
2021-11-02 13:29:12 +01:00 |
|
hurtcrushing
|
635d3a392d
|
change warning to info
|
2021-10-25 14:54:03 +02:00 |
|
hurtcrushing
|
2d78bddbba
|
Search for entries in ZPROCESS but not in ZLIVEUSAGE
|
2021-10-25 14:34:18 +02:00 |
|
Nex
|
f8e380baa1
|
Minor style fixes
|
2021-10-18 12:51:20 +02:00 |
|
Nex
|
35559b09a8
|
Merge pull request #206 from colossalzippy/main
improve Filesystem module
|
2021-10-18 12:48:58 +02:00 |
|
colossalzippy
|
f601db2174
|
improve Filesystem
|
2021-10-15 14:58:50 +02:00 |
|
witchbuild
|
3ce9641c23
|
add NetworkingAnalytics
|
2021-10-15 11:53:06 +02:00 |
|
Nex
|
01e68ccc6a
|
Fixed dict decl
|
2021-09-28 12:45:15 +02:00 |
|
Nex
|
fba0fa1f2c
|
Removed newline
|
2021-09-28 12:44:15 +02:00 |
|
Nex
|
8fcc79ebfa
|
Adapted for better support
|
2021-09-28 12:42:57 +02:00 |
|
pungentsneak
|
904daad935
|
add ShutdownLog
|
2021-09-22 13:24:17 +02:00 |
|
Nex
|
75b5b296a5
|
Added check for indicators (closes: #189)
|
2021-09-16 10:44:39 +02:00 |
|
Nex
|
ccdfd92d4a
|
Merge branch 'dozenfossil-main'
|
2021-09-14 14:29:21 +02:00 |
|
Nex
|
032b229eb8
|
Minor changes for consistency
|
2021-09-14 14:29:04 +02:00 |
|
beneficentboast
|
725a99bcd5
|
fix error for manipulated entries in DataUsage
|
2021-09-13 20:13:43 +02:00 |
|
dozenfossil
|
35a6f6ec9a
|
fix multi path/file issue
|
2021-09-13 20:02:48 +02:00 |
|
Nex
|
e5f2aa3c3d
|
Standardizing reST docstrings
|
2021-09-10 15:18:13 +02:00 |
|
Nex
|
3236c1b390
|
Added new TCC module
|
2021-09-09 12:00:48 +02:00 |
|
Nex
|
80a670273d
|
Added additional locationd path
|
2021-09-07 15:18:00 +02:00 |
|
Nex
|
969b5cc506
|
Fixed bug in locationd module
|
2021-09-07 15:06:19 +02:00 |
|
Nex
|
ef8622d4c3
|
Changed event name
|
2021-09-03 14:49:04 +02:00 |
|
Nex
|
e39e9e6f92
|
Cleaned up and simplified module
|
2021-09-03 14:48:24 +02:00 |
|
Nex
|
7b32ed3179
|
Compacted record data
|
2021-09-03 14:41:55 +02:00 |
|