Nex
|
d6af7c8cca
|
Updating flake8 config and fixed some violations
|
2022-03-18 11:10:06 +01:00 |
|
Nex
|
eb5f07a75d
|
Updated copyright notice
|
2022-01-30 20:15:01 +01:00 |
|
Nex
|
c8185fdbd8
|
Small code clean-ups
|
2022-01-29 15:13:35 +01:00 |
|
Nex
|
28e1348aa7
|
Added check-iocs command to mvt-android
|
2022-01-27 18:23:19 +01:00 |
|
tek
|
cf88740f6a
|
Fixes bugs in SafariBrowserState module and add tests
|
2022-01-26 14:50:34 +01:00 |
|
Nex
|
cce9159eda
|
Adding indicator to matched results
|
2022-01-23 15:01:49 +01:00 |
|
Nex
|
b35cd4bc73
|
Added support for context-aware indicators.
This way when a detection is logged, the user can know which STIX2
file was matched by the module
|
2022-01-21 16:26:58 +01:00 |
|
tek
|
083bc12351
|
Merge branch 'feature/check-file-path'
|
2022-01-20 15:19:37 +01:00 |
|
tek
|
95205d8e17
|
Adds indicators check to iOS TCC module
|
2022-01-18 17:12:20 +01:00 |
|
Nex
|
3e0ef20fcd
|
.
|
2022-01-18 16:05:01 +01:00 |
|
tek
|
38bb583a9e
|
Improves management of file path indicators
|
2022-01-18 15:50:31 +01:00 |
|
tek
|
798805c583
|
Improves Shortcut output
|
2022-01-18 13:06:35 +01:00 |
|
Nex
|
11bc916854
|
Sorted imports
|
2022-01-11 16:02:44 +01:00 |
|
tek
|
15fbedccc9
|
Fixes a minor bug in WebkitResourceLoadStatistics
|
2022-01-10 18:09:31 +01:00 |
|
tek
|
e0514b20dd
|
Catches exception in Shortcuts module if the table does not exist
|
2022-01-10 16:58:12 +01:00 |
|
Donncha Ó Cearbhaill
|
3215e797ec
|
Bug fixes for config profile and shortcut module
|
2021-12-16 22:58:36 +01:00 |
|
Donncha Ó Cearbhaill
|
e10f1767e6
|
Update WhatsApp module to search for links in attachments
|
2021-12-16 18:46:31 +01:00 |
|
Donncha Ó Cearbhaill
|
4cfe75e2d4
|
Add module to parse iOS Shortcuts and search for malicious actions
|
2021-12-16 17:47:08 +01:00 |
|
tek
|
cdd90332f7
|
Adds timeline support to TCC iOS module
|
2021-12-16 13:57:44 +01:00 |
|
tek
|
b25cc48be0
|
Fixes issue in Safari Browser State for older iOS versions
|
2021-12-06 15:04:52 +01:00 |
|
tek
|
40bd9ddc1d
|
Fixes issue with different TCC database versions
|
2021-12-03 20:31:12 +01:00 |
|
tek
|
02014b414b
|
Add warning for apple notification
|
2021-12-03 19:42:35 +01:00 |
|
tek
|
7dd5fe7831
|
Catch and recover malformed SMS database
|
2021-12-03 17:46:41 +01:00 |
|
Nex
|
512f40dcb4
|
Standardized code with flake8
|
2021-11-19 15:27:51 +01:00 |
|
Nex
|
75b5b296a5
|
Added check for indicators (closes: #189)
|
2021-09-16 10:44:39 +02:00 |
|
Nex
|
032b229eb8
|
Minor changes for consistency
|
2021-09-14 14:29:04 +02:00 |
|
dozenfossil
|
35a6f6ec9a
|
fix multi path/file issue
|
2021-09-13 20:02:48 +02:00 |
|
Nex
|
e5f2aa3c3d
|
Standardizing reST docstrings
|
2021-09-10 15:18:13 +02:00 |
|
Nex
|
3236c1b390
|
Added new TCC module
|
2021-09-09 12:00:48 +02:00 |
|
Nex
|
80a670273d
|
Added additional locationd path
|
2021-09-07 15:18:00 +02:00 |
|
Nex
|
969b5cc506
|
Fixed bug in locationd module
|
2021-09-07 15:06:19 +02:00 |
|
Nex
|
ef8622d4c3
|
Changed event name
|
2021-09-03 14:49:04 +02:00 |
|
Nex
|
e39e9e6f92
|
Cleaned up and simplified module
|
2021-09-03 14:48:24 +02:00 |
|
Nex
|
7b32ed3179
|
Compacted record data
|
2021-09-03 14:41:55 +02:00 |
|
Nex
|
3e679312d1
|
Renamed module
|
2021-09-03 13:35:27 +02:00 |
|
guitarsinger
|
be4f1afed6
|
add OSAnalyticsADDAILY
|
2021-09-03 11:59:44 +02:00 |
|
Nex
|
d3941bb5d3
|
Merge pull request #177 from harsaphes/main
Checking idstatuscache.plist in a dump for iOS>14.7
|
2021-09-01 22:00:51 +02:00 |
|
Nex
|
194c8a0ac1
|
Using new function to retrieve local db path
|
2021-09-01 21:59:12 +02:00 |
|
tek
|
cacf027051
|
Fixes a bug in retrieving the backup file path in webkit session resource logs
|
2021-09-01 15:49:23 -04:00 |
|
tek
|
da97f5ca30
|
Add db recovery to Safari history module
|
2021-09-01 15:40:45 -04:00 |
|
harsaphes
|
c2ec26fd75
|
Checking idstatuscache.plist in a dump for iOS>14.7
|
2021-08-30 21:01:59 +02:00 |
|
Nex
|
0005ad2abd
|
Removed unused imports
|
2021-08-21 15:50:12 +02:00 |
|
Nex
|
96e4a9a4a4
|
Overhaul of mvt-ios modules
|
2021-08-16 10:50:35 +02:00 |
|
Nex
|
24d7187303
|
Fixed variable name
|
2021-08-15 20:02:17 +02:00 |
|
Nex
|
6af6c52f60
|
Renamed function for consistency
|
2021-08-15 20:01:33 +02:00 |
|
Nex
|
fdaf2fc760
|
Fixed WebkitSessionResourceLog module, still needs testing
|
2021-08-15 20:00:29 +02:00 |
|
Nex
|
ce6cc771b4
|
Replaced leftover dicts
|
2021-08-15 19:20:41 +02:00 |
|
Nex
|
9582778adf
|
Getting rid of dict()
|
2021-08-15 19:05:15 +02:00 |
|
Nex
|
5e6e4fa8d0
|
Added modules to extract details on configuration profiles from backup
|
2021-08-15 18:53:02 +02:00 |
|
Nex
|
9e5a412fe2
|
Creating helper function to locate files in Manifest.db
|
2021-08-15 17:39:14 +02:00 |
|