Nex
0b3f529cfa
Bumped version
2022-03-14 10:22:29 +01:00
Nex
9bdef6ede4
Fixing spacing
2022-03-10 11:35:49 +01:00
Nex
fc9a27d030
Sorted imports
2022-03-10 11:33:54 +01:00
Donncha Ó Cearbhaill
ac26aa964a
Fix exception with bad password
2022-03-04 17:24:26 +01:00
Donncha Ó Cearbhaill
be511dcb51
Refactor SMS ADB code to use backup functions
2022-03-04 17:06:10 +01:00
Donncha Ó Cearbhaill
b44c67e699
Refactor some of the decryption code
2022-03-04 17:04:32 +01:00
tek
a4d08f8f35
Replaces pyaes with cryptography and reorganizes backup parser code
2022-03-04 15:05:10 +01:00
tek
86c79075ff
Reorganise code for backup modules
2022-03-04 10:10:56 +01:00
tek
639c163297
Adds partial compression support in Android Backup parsing
2022-02-23 16:18:45 +01:00
tek
8eb30e3a02
Improves android backup parsing for check-backup and check-adb
2022-02-23 15:07:13 +01:00
Donncha Ó Cearbhaill
cd0e7d9879
Fix syntax error with broken comment
2022-02-18 15:09:08 +01:00
Donncha Ó Cearbhaill
bdaaf15434
Add initial implementation of SMS extraction using ADB
2022-02-17 18:17:38 +01:00
tek
699824d9ff
Adds iOS version 15.3.1
2022-02-11 12:25:53 +01:00
Nex
8cca78d222
Missing newline
2022-02-09 13:31:27 +01:00
Nex
57cbb0ed56
Fixed typo
2022-02-09 13:30:31 +01:00
Nex
e9cc6b3928
Fixed code styling and added missing check in adb getprop
2022-02-09 13:20:09 +01:00
tek
6d47d4d416
Adds warning for outdated iOS systems
2022-02-08 15:49:10 +01:00
tek
ed54761747
Adds warning if phone is outdated in getprop module
2022-02-07 17:28:01 +01:00
Nex
71c4ba799f
Fixed help message for download-apks
2022-02-04 13:42:32 +01:00
Nex
09a6f291c0
Bumped version
2022-02-04 13:39:37 +01:00
Nex
b50be69dd4
Bumped version
2022-02-04 13:38:04 +01:00
Nex
6fc6102b73
Improved parsing of bugreports by finding dumpstate file name from main_entry.txt
2022-02-04 13:34:40 +01:00
Nex
3fe5d8dc8d
Fixing battery stats history parsing
2022-02-03 22:18:37 +01:00
Nex
fec6210d1b
Fixed parsing of dbinfo to support multiple formats
2022-02-03 20:36:47 +01:00
Nex
6a723e533f
Fixed logging in adb modules
2022-02-03 20:19:07 +01:00
Nex
ed8a5a3845
Fixed dumpstate parsing for different formats and added logging
2022-02-03 19:55:18 +01:00
Nex
04225a4455
Ignoring decoding errors
2022-02-03 19:40:36 +01:00
Nex
5987f218be
Supporting multiple file names
2022-02-03 19:26:45 +01:00
Nex
748780476e
Fixed a typo and catching exception
2022-02-03 19:20:26 +01:00
Nex
c522b54326
Supporting searching files by multiple patterns
2022-02-03 17:21:29 +01:00
Nex
0e0e346916
Fixed issue in parsing batterystats daily
2022-02-03 13:36:08 +01:00
Nex
69daf3c3cd
Added module checking SELinux enforcement status
2022-02-03 11:34:02 +01:00
Nex
230f81879a
Added check for indicators to Processes
2022-02-03 00:06:15 +01:00
Nex
df42efb7cb
Added getprop parser
2022-02-02 22:07:47 +01:00
Nex
0922e569b0
Sorted imports
2022-02-02 22:00:48 +01:00
Nex
03092cf3b7
Attempting split of parsers
2022-02-02 21:58:11 +01:00
Nex
ab63a02c9f
Code clean-ups
2022-02-02 19:18:47 +01:00
Nex
a833dda581
Added getprop bugreport module
2022-02-02 19:00:20 +01:00
Nex
512c349c2c
Sorted imports
2022-02-02 16:10:24 +01:00
Nex
b94ba28873
Supporting loading from extracted folder
2022-02-02 16:10:12 +01:00
Nex
564efc3629
Sorted imports
2022-02-02 15:49:24 +01:00
Nex
9c62e6e4d6
Added Packages module
2022-02-02 15:47:55 +01:00
Nex
153f6cce02
Returning stix2 file name with iocs as well
2022-02-02 14:57:32 +01:00
Nex
47f9a0104c
Added a break for speed
2022-02-02 14:54:40 +01:00
Nex
bdad23feee
Refactored indicators to support multiple malware/collections per stix2 file
2022-02-02 14:53:26 +01:00
Nex
e2936c3d33
Added new check-bugreport command and modules
2022-02-02 00:09:53 +01:00
Nex
3483ca1584
Package dumpsys parsing as static method
2022-02-01 21:45:26 +01:00
Nex
7b107edf1f
Bumped version
2022-02-01 17:54:01 +01:00
Nex
b97ce7651a
Fixed missing checks for indicators instance (ref: #245)
2022-02-01 17:48:19 +01:00
Nex
52a204cab6
Obtaining permissions for installed packages
2022-02-01 15:33:19 +01:00
Nex
1b335fda1d
Renamed function argument to more descriptive
2022-02-01 15:07:43 +01:00
Nex
2ad175eae2
Renamed package to package_name for consistency
2022-02-01 14:27:00 +01:00
Nex
2d00dca5bd
Bumped version
2022-02-01 12:46:31 +01:00
Nex
434738a306
Better regexp formatting
2022-01-31 13:05:03 +01:00
Nex
06cd640c5e
Using static methods
2022-01-31 12:58:33 +01:00
Nex
fb8a7ca104
Enforce consistency in Android modules
2022-01-31 11:30:49 +01:00
Nex
8d15ff58dd
Renamed matched field name to singular
2022-01-30 20:29:09 +01:00
Nex
eb5f07a75d
Updated copyright notice
2022-01-30 20:15:01 +01:00
Nex
ececf1a6b2
Added module to extract db queries
2022-01-30 19:43:09 +01:00
Nex
851cd52602
Ordering and clean-up
2022-01-30 16:41:32 +01:00
Nex
8db04fc991
Added module to parse battery daily stats package updates
2022-01-30 16:02:24 +01:00
Nex
3d0ba56e1f
Fixed parsing of wake events
2022-01-30 15:20:03 +01:00
Nex
c48a4e8f50
Fixed variable name
2022-01-30 04:12:19 +01:00
Nex
001c2998a5
Removed unnecessary newlines
2022-01-30 04:11:46 +01:00
Nex
5e7c5727af
Added check for indicators to dumpsys modules
2022-01-30 04:08:48 +01:00
Nex
883fbaeb88
Parsing records from accessibility and battery history
2022-01-30 03:44:41 +01:00
Nex
6f0012cede
Removed modules which are only duplicated outputs from dumpsys full
2022-01-30 03:39:26 +01:00
Nex
458e80ccbb
Adding module to process battery history
2022-01-30 03:34:16 +01:00
Nex
c8185fdbd8
Small code clean-ups
2022-01-29 15:13:35 +01:00
Yallxe
43b1612dfe
Set utf-8 as an encoding for open()
Not every system uses 'utf-8' as a default encoding for opening files in Python.
Before you say that there must be a way to set default encoding in one line, no, there is not. At least, I didn't find a way to do this.
2022-01-29 12:18:18 +01:00
Nex
49e34f6299
Better parsing of dumpsys package and added parsing of Activities too
2022-01-29 03:50:33 +01:00
Nex
d88a66dd54
Fixed typo
2022-01-29 01:13:52 +01:00
Nex
d3ed778ae4
Fixed comment styling
2022-01-29 01:13:29 +01:00
tek
4c3306c272
Separate receivers parsing in DumpsysReceivers
2022-01-29 01:06:32 +01:00
Nex
1c912f68fe
Bumped version
2022-01-28 22:25:41 +01:00
Nex
10a640d3f7
Temporarily disabling VirusTotal lookup because of API issues
2022-01-28 22:25:21 +01:00
Nex
c3acc95e9e
Bumped version
2022-01-28 20:08:14 +01:00
Nex
90d05336da
Added check for additional outgoing call event
2022-01-28 17:21:28 +01:00
Nex
5513e6e9e3
Ordered imports
2022-01-28 16:36:24 +01:00
Nex
38116f8405
Catching device not found exception
2022-01-28 15:47:50 +01:00
Nex
59b069f006
Added lookups for non-system packages on check-adb too
2022-01-28 12:25:50 +01:00
Nex
28e1348aa7
Added check-iocs command to mvt-android
2022-01-27 18:23:19 +01:00
Nex
034338d1f4
Added iOS 15.3
2022-01-27 17:04:48 +01:00
Nex
09d5eabf2f
Changing check logic for Android settings
2022-01-27 15:24:17 +01:00
Nex
a425d6c511
Added missing comma and ordered imports
2022-01-27 14:56:02 +01:00
Nex
f8897a4f8c
Added more dangerous settings
2022-01-27 14:54:31 +01:00
Nex
86eae68bdb
Added Android settings module
2022-01-27 13:33:06 +01:00
Nex
d2bf348b03
Merge branch 'main' of github.com:mvt-project/mvt
2022-01-27 12:51:14 +01:00
Nex
25c6c03075
Added Getprop module and cleaned Files and Packages Android modules
2022-01-27 12:50:37 +01:00
tek
cf88740f6a
Fixes bugs in SafariBrowserState module and adds tests
2022-01-26 14:50:34 +01:00
tek
eb4810b0ad
Fixes bug in parsing of configuration profiles
2022-01-25 20:32:27 +01:00
Nex
cce9159eda
Adding indicator to matched results
2022-01-23 15:01:49 +01:00
Nex
e1211991aa
Bumped version
2022-01-23 14:17:43 +01:00
Nex
8ae9ca328c
Added log line at the end to highlight number of detections
2022-01-21 16:50:32 +01:00
Nex
0e2eb51732
Fixed checking of indicators in filesystem module
2022-01-21 16:30:34 +01:00
Nex
b35cd4bc73
Added support for context-aware indicators.
This way when a detection is logged, the user can know which STIX2
file was matched by the module
2022-01-21 16:26:58 +01:00
Nex
1b4f99a31d
Trying to catch missing argument error (ref: #211)
2022-01-21 12:20:22 +01:00
tek
e4e1716729
Bumped version
2022-01-20 15:28:42 +01:00
tek
083bc12351
Merge branch 'feature/check-file-path'
2022-01-20 15:19:37 +01:00
tek
95205d8e17
Adds indicators check to iOS TCC module
2022-01-18 17:12:20 +01:00