Commit Graph

51 Commits

Author SHA1 Message Date
Nex 4a568835d2 Merge branch 'main' into feature/ios-check-usb 2022-06-28 23:58:38 +02:00
tek f98282d6c5 Adds applications and device info iOS USB modules 2022-06-28 23:37:57 +02:00
tek f864adf97e First structure for mvt-ios check-usb 2022-06-28 20:35:52 +02:00
Nex 815cdc0a88 Adding system to check for updates of indicators files and notify if any are available 2022-06-27 14:41:40 +02:00
Nex 1643454190 Ordered commands arguments 2022-06-17 17:16:20 +02:00
Nex fba4e27757 Refactored check-iocs command for Android as well 2022-06-16 17:02:38 +02:00
Nex e7fe30e201 Refactoring cli commands for iOS too 2022-06-16 15:18:50 +02:00
Nex a7d35dba4a Refactoring support for VirusTotal lookups, and removed Koodous lookups (ref: #273) 2022-06-14 15:46:01 +02:00
Nex d82c788a18 Removed AUTHORS file in favor of explicit copyright notice 2022-05-08 14:53:50 +02:00
Nex eb5f07a75d Updated copyright notice 2022-01-30 20:15:01 +01:00
Nex c8185fdbd8 Small code clean-ups 2022-01-29 15:13:35 +01:00
Nex 8ae9ca328c Added log line at the end to highlight number of detections 2022-01-21 16:50:32 +01:00
Nex b35cd4bc73 Added support for context-aware indicators.
This way when a detection is logged, the user can know which STIX2
file was matched by the module
2022-01-21 16:26:58 +01:00
Nex 4c906ad52e Renamed download iocs function 2022-01-14 01:52:57 +01:00
Nex 11bc916854 Sorted imports 2022-01-11 16:02:44 +01:00
Nex 3084876f31 Removing unused imports, fixing conditions, new lines 2022-01-11 16:02:01 +01:00
Nex f63cb585b2 Shortened command to download-iocs 2022-01-11 15:59:01 +01:00
tek 28d57e7178 Add command to download latest public indicators
Squashed commit of the following:

commit c0d9e8d5d188c13e7e5ec0612e99bfb7e25f47d4
Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
Date:   Fri Jan 7 16:05:12 2022 +0100

    Update name of indicators JSON file

commit f719e49c5f942cef64931ecf422b6a6e7b8c9f17
Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
Date:   Fri Jan 7 15:38:03 2022 +0100

    Do not set indicators option on module if no indicators were loaded

commit a289eb8de936f7d74c6c787cbb8daf5c5bec015c
Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
Date:   Fri Jan 7 14:43:00 2022 +0100

    Simplify code for loading IoCs

commit 0804563415ee80d76c13d3b38ffe639fa14caa14
Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
Date:   Fri Jan 7 13:43:47 2022 +0100

    Add metadata to IoC entries

commit 97d0e893c1a0736c4931363ff40f09a030b90cf6
Author: tek <tek@randhome.io>
Date:   Fri Dec 17 16:43:09 2021 +0100

    Implements automated loading of indicators

commit c381e14df92ae4d7d846a1c97bcf6639cc526082
Author: tek <tek@randhome.io>
Date:   Fri Dec 17 12:41:15 2021 +0100

    Improves download-indicators

commit b938e02ddfd0b916fd883f510b467491a4a84e5f
Author: tek <tek@randhome.io>
Date:   Fri Dec 17 01:44:26 2021 +0100

    Adds download-indicators for mvt-ios and mvt-android
2022-01-07 16:38:04 +01:00
tek 79bb7d1d4b Fixes indicator parsing bug 2021-12-13 18:37:05 +01:00
Nex 512f40dcb4 Standardized code with flake8 2021-11-19 15:27:51 +01:00
Nex a22241ec32 Added version commands 2021-09-17 14:19:03 +02:00
Nex c859b43220 Adding logo to iOS cli 2021-08-26 12:40:45 +02:00
Nex a16b0c12d2 Added shared help messages 2021-08-21 15:48:52 +02:00
Nex 817aaab258 Indicate in help message that option can be invoked multiple times 2021-08-18 13:24:10 +02:00
Nex 27847bf16c Added counter for loaded indicators 2021-08-18 13:18:34 +02:00
Nex 48810af83d Fixed creation of Indicators instance 2021-08-18 13:12:37 +02:00
Nex 6a63256b5c Added ability to import multiple STIX2 indicators files 2021-08-18 13:08:32 +02:00
Nex cbdbf41e1e Restructured modules folders 2021-08-15 13:14:18 +02:00
Nex cf630f7c2b Fixed unused imports 2021-08-14 18:56:33 +02:00
Nex 88e2576334 Copying plist files too when decrypting a backup 2021-08-14 18:25:41 +02:00
Nex 8a91e64bb9 Catching gracefully if indicators file parse fails 2021-08-12 20:17:37 +02:00
Nex 88324c7c42 Standardized to logging format 2021-08-12 12:48:29 +02:00
Daniel Kahn Gillmor 1288f8ca53 handle error cases better 2021-08-10 22:57:15 -04:00
Nex f011fd19e8 More explicit copyright and licensing notes 2021-08-01 21:11:08 +02:00
Nex be24680046 Enforcing double quotes 2021-08-01 19:50:04 +02:00
Nex b2e210e91c Removed unused import 2021-08-01 14:16:28 +02:00
Nex bc3634bf30 Specifying it is a password prompt 2021-07-31 10:27:44 +02:00
Nex ad9ab1aeba Switched to using rich Prompt 2021-07-31 10:13:18 +02:00
Daniel Kahn Gillmor 270e002f1b mvt-ios extract-key: enable pulling password from the environment
This enables automated use of extract-key without requiring a password
to be placed in the command line, where it might leak.
2021-07-30 23:10:54 -04:00
Daniel Kahn Gillmor 53adc05338 mvt-ios decrypt-backup: Enable pulling password from the environment.
Specifying the password on the command line with `--password XXX`
leaves the password itself visible to any process on the machine which
can scan the process table.

On some systems (including common GNU/Linux distributions) this
visibility is possible by default.

This change should make it possible to offer the password without
putting it into the process table; rather, the user puts the password
in the environment, and specifies the name of the environment
variable, like so:

```
$ export MVT_IOS_BACKUP_PASSWORD=WronglySconeRoundnessUnruffled
$ mvt-ios decrypt-backup -d /path/to/dest /path/to/data/XXXXXXXX-YYYYYYYYYYYYYYY/
$ unset MVT_IOS_BACKUP_PASSWORD
```

or you can do so using a prefixed env var, as described in the updated
check.md documentation.
2021-07-30 23:10:54 -04:00
Nex b264ae946d Refactored to include functionality in existing DecryptBackup class 2021-07-30 18:46:45 +02:00
Nex bfcfb3aa06 Merge branch 'extract-key' of https://github.com/pkirkovsky/mvt into pkirkovsky-extract-key 2021-07-30 18:29:47 +02:00
Nex c966eea7e6 Sorted imports 2021-07-30 11:40:09 +02:00
Nex 490fb12302 Refactored creation of output folders 2021-07-30 11:08:32 +02:00
Nex e2d82b0349 Merge branch 'master' of https://github.com/febrezo/mvt into febrezo-master 2021-07-30 10:48:34 +02:00
Pavel Kirkovsky 9fbcce4340 Add `extract-key` command 2021-07-22 23:52:52 -07:00
Nex 3004690fd1 Merge pull request #21 from pkirkovsky/prompt-password
Prompt for password if none is given
2021-07-21 11:20:24 +02:00
Tyler Kellogg 967eb75e7c [iOS CLI] Remove non-existent SYSDIAGNOSE_MODULES reference 2021-07-20 15:01:09 -07:00
Pavel Kirkovsky 695555f26f Prompt for password if none is given 2021-07-20 05:44:36 -07:00
febrezo 732db070f2 Add implicit creation of output folders 2021-07-20 03:09:53 +02:00