tek
872d5d766e
Adds product name in iOS backup info module
2022-08-03 16:34:39 +02:00
Nex
f5abd0719c
Bumped version
2022-08-02 18:26:29 +02:00
Nex
6462ffc15d
Added iOS 15.6
2022-08-02 18:26:23 +02:00
Nex
6333cafd38
Bumped version
2022-07-25 17:43:37 +02:00
Nex
03c59811a3
Ordered imports
2022-07-25 17:43:27 +02:00
Nex
cfd3b5bbcb
Merge branch 'main' of github.com:mvt-project/mvt
2022-07-25 17:43:08 +02:00
Nex
97ab67240f
Creating MVT data folder when missing
2022-07-25 17:42:51 +02:00
Nex
7fc664185c
Flake8 fixes
2022-07-20 15:49:51 +02:00
Nex
93094367c7
Bumped version
2022-07-20 15:41:42 +02:00
Nex
e8fa9c6eea
Passing binary data to parse rather than a file path
2022-07-20 15:41:07 +02:00
Nex
79a01c45cc
Bumped version
2022-07-20 14:12:17 +02:00
Nex
a440d12377
Merge branch 'main' of github.com:mvt-project/mvt
2022-07-20 14:12:08 +02:00
Nex
8085888c0c
Improved parsing of profile events to support new formats as well
2022-07-20 14:11:36 +02:00
Nex
c2617fe778
Checking profile IDs in profile_events
2022-07-20 13:25:51 +02:00
Nex
2e1243864c
Added check_indicators to profile_events
2022-07-20 13:24:20 +02:00
tek
ba5ff9b38c
Fixes a minor typing bug
2022-07-18 14:25:01 +02:00
Nex
3fccebe132
Merge branch 'main' of github.com:mvt-project/mvt
2022-07-14 12:06:52 +02:00
Nex
1265b366c1
Added install_non_market_apps to settings warnings
2022-07-14 09:09:01 +02:00
Nex
c944fb3234
Enforcing quotes in timeline csv writing
2022-07-12 12:03:20 +02:00
Nex
e6b4d17027
Using error instead of warning for failed apk download
2022-07-12 11:55:31 +02:00
Nex
f55ac36189
Code style fixes
2022-07-12 11:55:10 +02:00
Nex
550d6037a6
Bumped version
2022-07-08 19:54:46 +02:00
Nex
e875c978c9
Optional address in SMS serialize
2022-07-08 19:54:33 +02:00
Nex
fbf510567c
Bumped version
2022-07-07 13:51:56 +02:00
Nex
94fe98b9ec
Removed unused imports
2022-07-07 13:00:38 +02:00
Nex
1ed6140cb6
Got rid of tqdm in favor of rich progress bar
2022-07-07 12:28:30 +02:00
Nex
efceb777f0
Small clean ups and type hints of mvt-android
2022-07-06 18:38:16 +02:00
Nex
14bbbd9e45
Refactored mvt-android adb Files module in order to keep copy of suspicious payloads
2022-07-06 17:45:21 +02:00
Nex
3cdc6da428
Temporarily removed mvt-ios check-usb command
2022-07-06 13:01:55 +02:00
Nex
459ff8c51c
Adding some more checks to bugreport packages module
2022-07-05 18:10:48 +02:00
lorenzo-reho
0a749da85f
Fixed cmd_download_apks serial connection bug
2022-07-02 16:14:27 +02:00
Nex
f81604133a
Fixed Prompt imports
2022-06-30 11:06:37 +02:00
Nex
cdd9b74cbc
Replaced getpass with Prompt
2022-06-30 10:58:50 +02:00
Nex
3fb37b4f30
Added finish() method to Command class
2022-06-30 10:26:33 +02:00
tek
61d0c4134d
Fixes a bug in mvt-android download-apks
2022-06-29 23:06:49 +02:00
Nex
c9f54947e3
Small language and style changes
2022-06-29 01:11:30 +02:00
Nex
298726ab2b
Minor style fixes
2022-06-29 00:57:25 +02:00
Nex
7222bc82e1
Sorting imports and removing unused ones
2022-06-29 00:05:36 +02:00
Nex
4a568835d2
Merge branch 'main' into feature/ios-check-usb
2022-06-28 23:58:38 +02:00
tek
f98282d6c5
Adds applications and device info iOS USB modules
2022-06-28 23:37:57 +02:00
tek
f864adf97e
First structure for mvt-ios check-usb
2022-06-28 20:35:52 +02:00
Nex
b6531e3e70
Forgot closing bold tags
2022-06-28 15:55:52 +02:00
Nex
ef662c1145
Added new indicators update to mvt-android
2022-06-28 15:03:52 +02:00
Nex
b8e5346660
Updating last check time when forcefully updating iocs
2022-06-28 13:12:09 +02:00
Nex
aedef123c9
Added frequency of indicators updates check
2022-06-28 12:54:33 +02:00
Nex
8ff8e599d8
Fixed flake8 and minor code style
2022-06-28 12:00:30 +02:00
Nex
815cdc0a88
Adding system to check for updates of indicators files and notify if any are available
2022-06-27 14:41:40 +02:00
Nex
7b92903536
Moved indicators file to dedicated repository
2022-06-25 00:41:58 +02:00
Nex
2bde693c35
Removed empty spaces
2022-06-24 15:20:09 +02:00
Nex
7daea737c6
Merge branch 'main' of github.com:mvt-project/mvt
2022-06-24 15:14:47 +02:00
Nex
0d75dc3ba0
Optionally loading indicators description
2022-06-24 15:14:33 +02:00
tek
0622357a64
Adds support for MMS parsing in android backups
2022-06-23 11:05:04 +02:00
tek
c4f91ba28b
Merge branch 'main' of github.com:mvt-project/mvt
2022-06-23 10:02:53 +02:00
tek
5ade0657ac
Fixes an issue in Android backup parsing
2022-06-23 10:02:37 +02:00
Nex
cca9083dff
Reintroduced is_backup and is_fs_dump
2022-06-22 17:54:03 +02:00
Nex
3f4ddaaa0c
Minor code style fixes
2022-06-22 17:53:53 +02:00
Nex
7024909e05
Adding more type hints
2022-06-22 16:53:29 +02:00
Nex
3899dce353
Hashing files only when MVT_HASH_FILES env is set
2022-06-20 23:41:59 +02:00
Nex
4830aa5a6c
Improved analytics iOS versions module, checking dates, and sorting results
2022-06-20 23:35:46 +02:00
Nex
3608576417
Added new AnalyticsIOSVersions to collect a timeline of iOS versions
2022-06-20 20:26:18 +02:00
Nex
043c234401
Moved logging and sorting of Analytics results
2022-06-20 19:06:48 +02:00
Nex
8663c78b63
Actually using self.log
2022-06-20 18:29:39 +02:00
Nex
b847683717
Catching PermissionError
2022-06-20 18:28:05 +02:00
Nex
2bc6fbef2f
Starting to add type hints
2022-06-17 22:30:46 +02:00
Nex
b77749e6ba
Storing information about analysis in info.json (closes: #274)
2022-06-17 17:48:07 +02:00
Nex
1643454190
Ordered commands arguments
2022-06-17 17:16:20 +02:00
Nex
c2f1fe718d
Fixed bug in store timeline logic
2022-06-17 17:16:00 +02:00
Nex
444ecf032d
Fixing newlines
2022-06-17 17:07:36 +02:00
Nex
dd230c2407
Added optional file logging
2022-06-17 14:56:39 +02:00
Nex
cd87b6ed31
Using proper logger in WhatsApp module
2022-06-17 13:40:30 +02:00
Nex
6f50af479d
Bumped version
2022-06-17 10:36:27 +02:00
Nex
2dbfef322a
Some marginal code style fix
2022-06-16 17:08:42 +02:00
Nex
fba4e27757
Refactored check-iocs command for Android as well
2022-06-16 17:02:38 +02:00
Nex
abc0f2768b
Fixed tests
2022-06-16 15:24:43 +02:00
Nex
e7fe30e201
Refactoring cli commands for iOS too
2022-06-16 15:18:50 +02:00
Nex
c54a01ca59
Fixing exceeding lines length
2022-06-16 15:01:07 +02:00
Nex
a12c4e6b93
First commit to refactor of command definitions
2022-06-15 17:41:19 +02:00
Nex
a7d35dba4a
Refactoring support for VirusTotal lookups, and removed Koodous lookups (ref: #273)
2022-06-14 15:46:01 +02:00
Nex
3a6e4a7001
Temporarily disabled Koodous lookup
2022-06-13 20:06:35 +02:00
Nex
bb0e41e949
Bumped version
2022-06-03 11:44:44 +02:00
Nex
6844f0b90b
Added new iOS version
2022-06-03 11:43:42 +02:00
Nex
27f0364c1d
Removed static android data files
2022-05-09 11:09:07 +02:00
Nex
8dac714214
Added support for multiprocessing when decrypting an iOS backup
2022-05-08 17:25:27 +02:00
Nex
d82c788a18
Removed AUTHORS file in favor of explicit copyright notice
2022-05-08 14:53:50 +02:00
Nex
946a9ef02b
Added missing import
2022-05-08 14:51:31 +02:00
Nex
6162a1e1f2
Sorted imports
2022-05-08 14:47:54 +02:00
Nex
f61729deed
Starting to move declarative information to setup.cfg
2022-05-08 14:45:14 +02:00
Nex
ff41efba72
Bumped version
2022-04-05 21:46:38 +02:00
Nex
26e6a00bf5
Added new iOS version
2022-04-04 13:25:13 +02:00
Nex
9d61b9048c
Fixed variable names mismatch and styling
2022-03-30 08:49:22 +02:00
tek
9950b3d6c2
Add appops dumpsys parser and modules
2022-03-30 01:16:22 +02:00
tek
e0d30ea990
Removes check for a deprecated Android setting
2022-03-29 18:37:56 +02:00
Martin L. Fällman
f5cb7f06e1
Fix for missing base64 encoding of MDM certificate data in JSON output
2022-03-25 20:36:30 +01:00
Donncha Ó Cearbhaill
e3a8bde150
Fix path error when relative '.' used as backup source directory
2022-03-20 15:56:13 +01:00
Nex
d6af7c8cca
Updating flake8 config and fixed some violations
2022-03-18 11:10:06 +01:00
Nex
6584d8232c
Fixed bug in bugreport packages parser
2022-03-16 10:20:53 +01:00
Nex
bc5d386be7
Bumped version
2022-03-15 11:19:22 +01:00
Nex
03efc8494b
Added new iOS version
2022-03-15 11:19:05 +01:00
Nex
0b3f529cfa
Bumped version
2022-03-14 10:22:29 +01:00
Nex
9bdef6ede4
Fixing spacing
2022-03-10 11:35:49 +01:00
Nex
fc9a27d030
Sorted imports
2022-03-10 11:33:54 +01:00
Donncha Ó Cearbhaill
ac26aa964a
Fix exception with bad password
2022-03-04 17:24:26 +01:00
Donncha Ó Cearbhaill
be511dcb51
Refactor SMS ADB code to use backup functions
2022-03-04 17:06:10 +01:00
Donncha Ó Cearbhaill
b44c67e699
Refactor some of the decryption code
2022-03-04 17:04:32 +01:00
tek
a4d08f8f35
Replaces pyaes with cryptography and reorganize backup parser code
2022-03-04 15:05:10 +01:00
tek
86c79075ff
Reorganise code for backup modules
2022-03-04 10:10:56 +01:00
tek
639c163297
Adds partial compression support in Android Backup parsing
2022-02-23 16:18:45 +01:00
tek
8eb30e3a02
Improves android backup parsing for check-backup and check-adb
2022-02-23 15:07:13 +01:00
Donncha Ó Cearbhaill
cd0e7d9879
Fix syntax error with broken comment
2022-02-18 15:09:08 +01:00
Donncha Ó Cearbhaill
bdaaf15434
Add initial implementation of SMS extraction using ADB
2022-02-17 18:17:38 +01:00
tek
699824d9ff
Adds iOS version 15.3.1
2022-02-11 12:25:53 +01:00
Nex
8cca78d222
Missing newline
2022-02-09 13:31:27 +01:00
Nex
57cbb0ed56
Fixed typo
2022-02-09 13:30:31 +01:00
Nex
e9cc6b3928
Fixed code styling and added missing check in adb getprop
2022-02-09 13:20:09 +01:00
tek
6d47d4d416
Adds warning for outdated iOS systems
2022-02-08 15:49:10 +01:00
tek
ed54761747
Adds warning if phone is outdated in getprop module
2022-02-07 17:28:01 +01:00
Nex
71c4ba799f
Fixed help message for download-apks
2022-02-04 13:42:32 +01:00
Nex
09a6f291c0
Bumped version
2022-02-04 13:39:37 +01:00
Nex
b50be69dd4
Bumped version
2022-02-04 13:38:04 +01:00
Nex
6fc6102b73
Improved parsing of bugreports by finding dumpstate file name from main_entry.txt
2022-02-04 13:34:40 +01:00
Nex
3fe5d8dc8d
Fixing battery stats history parsing
2022-02-03 22:18:37 +01:00
Nex
fec6210d1b
Fixed parsing of dbinfo to support multiple formats
2022-02-03 20:36:47 +01:00
Nex
6a723e533f
Fixed logging in adb modules
2022-02-03 20:19:07 +01:00
Nex
ed8a5a3845
Fixed dumpstate parsing for different formats and added logging
2022-02-03 19:55:18 +01:00
Nex
04225a4455
Ignoring decoding errors
2022-02-03 19:40:36 +01:00
Nex
5987f218be
Supporting multiple file names
2022-02-03 19:26:45 +01:00
Nex
748780476e
Fixed a typo and catching exception
2022-02-03 19:20:26 +01:00
Nex
c522b54326
Supporting searching files by multiple patterns
2022-02-03 17:21:29 +01:00
Nex
0e0e346916
Fixed issue in parsing batterystats daily
2022-02-03 13:36:08 +01:00
Nex
69daf3c3cd
Added module checking SELinux enforcement status
2022-02-03 11:34:02 +01:00
Nex
230f81879a
Added check for indicators to Processes
2022-02-03 00:06:15 +01:00
Nex
df42efb7cb
Added getprop parser
2022-02-02 22:07:47 +01:00
Nex
0922e569b0
Sorted imports
2022-02-02 22:00:48 +01:00
Nex
03092cf3b7
Attempting split of parsers
2022-02-02 21:58:11 +01:00
Nex
ab63a02c9f
Code clean-ups
2022-02-02 19:18:47 +01:00
Nex
a833dda581
Added getprop bugreport module
2022-02-02 19:00:20 +01:00
Nex
512c349c2c
Sorted imports
2022-02-02 16:10:24 +01:00
Nex
b94ba28873
Supporting loading from extracted folder
2022-02-02 16:10:12 +01:00
Nex
564efc3629
Sorted imports
2022-02-02 15:49:24 +01:00
Nex
9c62e6e4d6
Added Packages module
2022-02-02 15:47:55 +01:00
Nex
153f6cce02
Returning stix2 file name with iocs as well
2022-02-02 14:57:32 +01:00
Nex
47f9a0104c
Added a break for speed
2022-02-02 14:54:40 +01:00
Nex
bdad23feee
Refactored indicators to support multiple malware/collections per stix2 file
2022-02-02 14:53:26 +01:00
Nex
e2936c3d33
Added new check-bugreport command and modules
2022-02-02 00:09:53 +01:00
Nex
3483ca1584
Package dumpsys parsing as static method
2022-02-01 21:45:26 +01:00
Nex
7b107edf1f
Bumped version
2022-02-01 17:54:01 +01:00
Nex
b97ce7651a
Fixed missing checks for indicators instance (ref: #245)
2022-02-01 17:48:19 +01:00
Nex
52a204cab6
Obtaining permissions for installed packages
2022-02-01 15:33:19 +01:00
Nex
1b335fda1d
Renamed function argument to more descriptive
2022-02-01 15:07:43 +01:00
Nex
2ad175eae2
Renamed package to package_name for consistency
2022-02-01 14:27:00 +01:00
Nex
2d00dca5bd
Bumped version
2022-02-01 12:46:31 +01:00
Nex
434738a306
Better regexp formatting
2022-01-31 13:05:03 +01:00
Nex
06cd640c5e
Using static methods
2022-01-31 12:58:33 +01:00
Nex
fb8a7ca104
Enforce consistency in Android modules
2022-01-31 11:30:49 +01:00
Nex
8d15ff58dd
Renamed matched field name to singular
2022-01-30 20:29:09 +01:00
Nex
eb5f07a75d
Updated copyright notice
2022-01-30 20:15:01 +01:00
Nex
ececf1a6b2
Added module to extract db queries
2022-01-30 19:43:09 +01:00
Nex
851cd52602
Ordering and clean-up
2022-01-30 16:41:32 +01:00
Nex
8db04fc991
Added module to parse battery daily stats package updates
2022-01-30 16:02:24 +01:00
Nex
3d0ba56e1f
Fixed parsing of wake events
2022-01-30 15:20:03 +01:00
Nex
c48a4e8f50
Fixed variable name
2022-01-30 04:12:19 +01:00
Nex
001c2998a5
Removed unnecessary newlines
2022-01-30 04:11:46 +01:00
Nex
5e7c5727af
Added check for indicators to dumpsys modules
2022-01-30 04:08:48 +01:00
Nex
883fbaeb88
Parsing records from accessibility and battery history
2022-01-30 03:44:41 +01:00
Nex
6f0012cede
Removed modules which are only duplicated outputs from dumpsys full
2022-01-30 03:39:26 +01:00
Nex
458e80ccbb
Adding module to process battery history
2022-01-30 03:34:16 +01:00
Nex
c8185fdbd8
Small code clean-ups
2022-01-29 15:13:35 +01:00
Yallxe
43b1612dfe
Set utf-8 as an encoding for open()
Not every system uses 'utf-8' as a default encoding for opening files in Python.
Before you say that there must be a way to set default encoding in one line, no, there is not. At least, I didn't find a way to do this.
2022-01-29 12:18:18 +01:00
Nex
49e34f6299
Better parsing of dumpsys package and added parsing of Activities too
2022-01-29 03:50:33 +01:00
Nex
d88a66dd54
Fixed typo
2022-01-29 01:13:52 +01:00
Nex
d3ed778ae4
Fixed comment styling
2022-01-29 01:13:29 +01:00
tek
4c3306c272
Separate receivers parsing in DumpsysReceivers
2022-01-29 01:06:32 +01:00
Nex
1c912f68fe
Bumped version
2022-01-28 22:25:41 +01:00
Nex
10a640d3f7
Temporarily disabling VirusTotal lookup because of API issues
2022-01-28 22:25:21 +01:00
Nex
c3acc95e9e
Bumped version
2022-01-28 20:08:14 +01:00
Nex
90d05336da
Added check for additional outgoing call event
2022-01-28 17:21:28 +01:00
Nex
5513e6e9e3
Ordered imports
2022-01-28 16:36:24 +01:00
Nex
38116f8405
Catching device not found exception
2022-01-28 15:47:50 +01:00
Nex
59b069f006
Added lookups for non-system packages on check-adb too
2022-01-28 12:25:50 +01:00
Nex
28e1348aa7
Added check-iocs command to mvt-android
2022-01-27 18:23:19 +01:00
Nex
034338d1f4
Added iOS 15.3
2022-01-27 17:04:48 +01:00
Nex
09d5eabf2f
Changing check logic for Android settings
2022-01-27 15:24:17 +01:00
Nex
a425d6c511
Added missing comma and ordered imports
2022-01-27 14:56:02 +01:00
Nex
f8897a4f8c
Added more dangerous settings
2022-01-27 14:54:31 +01:00
Nex
86eae68bdb
Added Android settings module
2022-01-27 13:33:06 +01:00
Nex
d2bf348b03
Merge branch 'main' of github.com:mvt-project/mvt
2022-01-27 12:51:14 +01:00
Nex
25c6c03075
Added Getprop module and cleaned Files and Packages Android modules
2022-01-27 12:50:37 +01:00
tek
cf88740f6a
Fixes bugs in SafariBrowserState module and add tests
2022-01-26 14:50:34 +01:00
tek
eb4810b0ad
Fixes bug in parsing of configuration profiles
2022-01-25 20:32:27 +01:00
Nex
cce9159eda
Adding indicator to matched results
2022-01-23 15:01:49 +01:00
Nex
e1211991aa
Bumped version
2022-01-23 14:17:43 +01:00
Nex
8ae9ca328c
Added log line at the end to highlight number of detections
2022-01-21 16:50:32 +01:00
Nex
0e2eb51732
Fixed checking of indicators in filesystem module
2022-01-21 16:30:34 +01:00
Nex
b35cd4bc73
Added support for context-aware indicators.
This way when a detection is logged, the user can know which STIX2
file was matched by the module
2022-01-21 16:26:58 +01:00
Nex
1b4f99a31d
Trying to catch missing argument error (ref: #211)
2022-01-21 12:20:22 +01:00
tek
e4e1716729
Bumped version
2022-01-20 15:28:42 +01:00
tek
083bc12351
Merge branch 'feature/check-file-path'
2022-01-20 15:19:37 +01:00
tek
95205d8e17
Adds indicators check to iOS TCC module
2022-01-18 17:12:20 +01:00
Nex
a6fd5fe1f3
Bumped version
2022-01-18 16:06:14 +01:00
Nex
3e0ef20fcd
.
2022-01-18 16:05:01 +01:00
Donncha Ó Cearbhaill
6fcd40f6b6
Fix use of global list instance as self.results variable
2022-01-18 15:53:05 +01:00
tek
38bb583a9e
Improves management of file path indicators
2022-01-18 15:50:31 +01:00
Donncha Ó Cearbhaill
48ec2d8fa8
Merge branch 'main' into tests
2022-01-18 15:30:40 +01:00
tek
798805c583
Improves Shortcut output
2022-01-18 13:06:35 +01:00
Nex
24be9e9570
Use default list of indicators files now that some default ones are automatically loaded
2022-01-14 16:26:14 +01:00
Nex
adbd95c559
Dots
2022-01-14 02:01:59 +01:00
Nex
8a707c288a
Bumped version
2022-01-14 01:53:10 +01:00
Nex
4c906ad52e
Renamed download iocs function
2022-01-14 01:52:57 +01:00
Nex
a2f8030cce
Added new iOS versions
2022-01-14 01:41:48 +01:00
Nex
737007afdb
Bumped version
2022-01-12 16:18:13 +01:00
Nex
33efeda90a
Added TODO note
2022-01-12 16:10:15 +01:00
Nex
146f2ae57d
Renaming check function for consistency
2022-01-12 16:02:13 +01:00
Nex
11bc916854
Sorted imports
2022-01-11 16:02:44 +01:00
Nex
3084876f31
Removing unused imports, fixing conditions, new lines
2022-01-11 16:02:01 +01:00
Nex
f63cb585b2
Shortened command to download-iocs
2022-01-11 15:59:01 +01:00
Nex
637aebcd89
Small cleanup
2022-01-11 15:53:10 +01:00
Nex
16a0de3af4
Added new module to highlight installed accessibility services
2022-01-11 15:16:26 +01:00
tek
15fbedccc9
Fixes a minor bug in WebkitResourceLoadStatistics
2022-01-10 18:09:31 +01:00
tek
e0514b20dd
Catches exception in Shortcuts module if the table does not exist
2022-01-10 16:58:12 +01:00
Donncha Ó Cearbhaill
54963b0b59
Update test PR to work with latest code, fix flake8
2022-01-07 17:03:53 +01:00
tek
28d57e7178
Add command to download latest public indicators
Squashed commit of the following:
commit c0d9e8d5d188c13e7e5ec0612e99bfb7e25f47d4
Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
Date: Fri Jan 7 16:05:12 2022 +0100
Update name of indicators JSON file
commit f719e49c5f942cef64931ecf422b6a6e7b8c9f17
Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
Date: Fri Jan 7 15:38:03 2022 +0100
Do not set indicators option on module if no indicators were loaded
commit a289eb8de936f7d74c6c787cbb8daf5c5bec015c
Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
Date: Fri Jan 7 14:43:00 2022 +0100
Simplify code for loading IoCs
commit 0804563415ee80d76c13d3b38ffe639fa14caa14
Author: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
Date: Fri Jan 7 13:43:47 2022 +0100
Add metadata to IoC entries
commit 97d0e893c1a0736c4931363ff40f09a030b90cf6
Author: tek <tek@randhome.io>
Date: Fri Dec 17 16:43:09 2021 +0100
Implements automated loading of indicators
commit c381e14df92ae4d7d846a1c97bcf6639cc526082
Author: tek <tek@randhome.io>
Date: Fri Dec 17 12:41:15 2021 +0100
Improves download-indicators
commit b938e02ddfd0b916fd883f510b467491a4a84e5f
Author: tek <tek@randhome.io>
Date: Fri Dec 17 01:44:26 2021 +0100
Adds download-indicators for mvt-ios and mvt-android
2022-01-07 16:38:04 +01:00
Nicolai Søborg
c282d4341d
Bump adb read timeout
Some adb commands (like `dumpsys`) are very slow and the default timeout is "only" 10s.
A timeout of 200 seconds is chosen completely at random - works on my phone 🤷
Fixes https://github.com/mvt-project/mvt/issues/113
Fixes https://github.com/mvt-project/mvt/issues/228
2021-12-28 13:56:04 +01:00
tek
681bae2f66
Bump version to v1.4.1
2021-12-27 16:19:25 +01:00
tek
82b57f1997
Fixes IOC issue in android CLI
2021-12-22 00:19:16 +01:00
Donncha Ó Cearbhaill
8f88f872df
Bump to 1.4.0 to skip previously used PyPi versions
2021-12-17 12:52:06 +01:00
Donncha Ó Cearbhaill
2d16218489
Bump version to v1.3.2
2021-12-17 12:24:41 +01:00
Donncha Ó Cearbhaill
3215e797ec
Bug fixes for config profile and shortcut module
2021-12-16 22:58:36 +01:00
Donncha Ó Cearbhaill
e80c02451c
Bump version to 1.3.1. Skipping 1.3 as a tag already exists
2021-12-16 19:27:58 +01:00
Donncha Ó Cearbhaill
5df50f864c
Merge branch 'main' into main
2021-12-16 19:21:18 +01:00
Donncha Ó Cearbhaill
45b31bb718
Add support for identifying known malicious file paths over ADB
2021-12-16 19:16:24 +01:00
Donncha Ó Cearbhaill
e10f1767e6
Update WhatsApp module to search for links in attachments
2021-12-16 18:46:31 +01:00
tek
d64277c0bf
Adds missing iOS version
2021-12-16 18:39:22 +01:00
Donncha Ó Cearbhaill
3f3261511a
Add module to search for known malicious or suspicious configuration profiles
2021-12-16 17:57:26 +01:00
Donncha Ó Cearbhaill
4cfe75e2d4
Add module to parse iOS Shortcuts and search for malicious actions
2021-12-16 17:47:08 +01:00
tek
cdd90332f7
Adds timeline support to TCC iOS module
2021-12-16 13:57:44 +01:00
tek
d9b29b3739
Fixes indicator issue in the android cli
2021-12-16 12:51:57 +01:00
tek
79bb7d1d4b
Fixes indicator parsing bug
2021-12-13 18:37:05 +01:00
tek
a653cb3cfc
Implements loading STIX files from env variable MVT_STIX2
2021-12-10 16:11:59 +01:00
tek
b25cc48be0
Fixes issue in Safari Browser State for older iOS versions
2021-12-06 15:04:52 +01:00
tek
40bd9ddc1d
Fixes issue with different TCC database versions
2021-12-03 20:31:12 +01:00
Tek
deb95297da
Merge pull request #219 from workingreact/main
Fix ConfigurationProfiles
2021-12-03 19:56:43 +01:00
tek
02014b414b
Add warning for apple notification
2021-12-03 19:42:35 +01:00
tek
7dd5fe7831
Catch and recover malformed SMS database
2021-12-03 17:46:41 +01:00
workingreact
11d1a3dcee
fix typo
2021-12-02 18:31:07 +01:00
workingreact
74f9db2bf2
fix ConfigurationProfiles
2021-12-02 16:55:14 +01:00
tek
356bddc3af
Adds new iOS versions
2021-11-28 17:43:50 +01:00
Nex
512f40dcb4
Standardized code with flake8
2021-11-19 15:27:51 +01:00
Nex
b3a464ba58
Removed unused imports
2021-11-19 14:54:53 +01:00
Nex
529df85f0f
Sorted imports
2021-11-04 12:58:35 +01:00
panelmix
34c997f923
Replace NetworkingAnalytics with Analytics
2021-11-02 13:29:12 +01:00