Nex
9988887d27
Updated copyright notice
2023-09-09 17:55:27 +02:00
tek
c719c4da1e
Bumps version
2023-09-05 13:01:20 +02:00
tek
0389d335ed
Bumps version
2023-07-26 18:20:25 +02:00
tek
7f9acec108
Move verbose indicator information to debug
2023-07-26 15:12:58 +02:00
Donncha Ó Cearbhaill
57d4aca72e
Refactor Android modules to remove duplication (#368)
* Remove duplicated detection logic from GetProp modules
* Deduplicate settings and processes
* Refactor detection in artifacts
* Improves Artifact class
---------
Co-authored-by: tek <tek@randhome.io>
2023-07-26 13:42:17 +02:00
Donncha Ó Cearbhaill
019cfbb84e
Merge pull request #363 from aticu/main
Add option to disable interactivity and pass Android backup password on CLI
2023-07-22 16:44:35 +02:00
Donncha Ó Cearbhaill
ca3c1bade4
Bump version to v2.4.0
Bumping the minor version as we introduce some backwards-incompatible
API changes to module definition in #367.
2023-07-21 12:14:31 +02:00
Niclas Schwarzlose
0edc9d7b81
Add option to disable interactivity
2023-07-19 11:29:51 +02:00
Donncha Ó Cearbhaill
e2c623c40f
Move --fast flag from being a top-level MVT module parameter to an option in a new module_options parameter
2023-07-17 18:52:35 +02:00
tek
e7270d6a07
Fixes import and adds test for PR 361
2023-07-10 22:55:22 +02:00
Donncha Ó Cearbhaill
e2516f284b
Bump version number
2023-06-29 17:03:26 +02:00
Donncha Ó Cearbhaill
41db117168
Improve performance when checking URLs and domains
Some MVT modules such as the WhatsApp module can be very slow as it was taking a naive approach to look for IOCs. The code was checking URLs (potentially more than 100k) against 1000s of IOC domains resulting in a quadratic run-time with hundreds of millions of comparisons as the number of IOCs increases.
This commit adds an Aho-Corasick library which allows the efficient search in a string (the URL in this case) for all matches in a set of keys (the IOCs). This data structure is perfect for this use case.
A quick measurement shows an 80% performance improvement for a WhatsApp database with 100k entries. The slow path is now the time spent fetching and expanding short URLs found in the database. This can also be sped up significantly by fetching each URL asynchronously. This would require reworking modules to split the URL expansion from the IOC check so I will implement in a separate PR.
2023-06-29 14:14:44 +02:00
Donncha Ó Cearbhaill
2b01ed7179
Add optional profiling for MVT modules
2023-06-29 13:31:13 +02:00
Nex
e1677639c4
Linted code using isort + autoflake + black, fixed wrong use of Optional[bool]
2023-06-01 23:40:26 +02:00
Sebastian Pederiva
912fb060cb
Fix error when creating report: csv.Error (#341)
2023-05-02 17:09:16 +02:00
tek
a9edf4a9fe
Bumps version
2023-04-25 12:20:45 +02:00
tek
fd81e3aa13
Adds verbose mode
2023-04-25 11:13:46 +02:00
tek
15477cc187
Bumps version
2023-04-13 17:59:05 +02:00
tek
8a507b0a0b
Fixes a bug in WhatsApp iOS module
2023-04-13 09:26:52 +02:00
tek
63b95ee6a5
Bumps version
2023-04-12 12:52:57 +02:00
tek
1dc1ee2238
Improves Indicator object
2023-04-07 15:07:45 +02:00
tek
a2cbaacfce
Fixes hashing issue
2023-04-07 14:51:54 +02:00
tek
801fe367ac
Improves WebkitResourceLoadStatistics module
2023-04-07 14:43:20 +02:00
tek
2942209f62
Improves module handling
2023-04-07 12:25:01 +02:00
tek
06bf7b9cb1
Bumps version
2023-03-29 14:44:59 +02:00
tek
b5d7e528de
Adds indicators for android properties
2023-03-29 12:57:41 +02:00
tek
49491800fb
Improves typing
2023-03-24 19:02:02 +01:00
Donncha Ó Cearbhaill
11d58022cf
Change checksum log message to info instead of warning
2023-03-03 21:21:32 +00:00
tek
4ed8ff51ff
Improves code PEP8 compliance and adds ruff check
2023-03-01 16:43:08 -05:00
tek
383d9b16de
Bumps version
2023-02-21 15:34:48 -05:00
tek
55f6a4ae54
Fixes mypy typing issues
2023-02-21 15:18:36 -05:00
Tek
7d79844749
Improves generation of hashes (#327)
* Improves generation of hashes
* Adds generation of reference info.json hash
2023-02-21 20:16:32 +01:00
tek
81ed0b0c19
Update copyright information
2023-02-08 20:18:16 +01:00
Nex
99e14ad8b0
Bumped version
2022-11-13 01:11:52 +01:00
Nex
00b7314395
Added quotes
2022-10-15 11:11:47 +02:00
Nex
39a8bf236d
Merge branch 'patch-1' of github.com:besendorf/mvt into besendorf-patch-1
2022-10-15 11:11:29 +02:00
Nex
4e0a393a02
Bumped version
2022-10-01 12:40:04 +02:00
Nex
a863209abb
Added check-androidqf command
2022-09-05 12:12:36 +02:00
Nex
4c7db02da4
Bumped version
2022-09-01 09:42:03 +02:00
tek
2365175dbd
Adds check of process name in paths in indicators
2022-08-23 13:18:42 +02:00
besendorf
d61b2751f1
Add pip command for update
Adds the pip command for updating mvt. I think this would be helpful for novice users as it already has been asked here: https://github.com/mvt-project/mvt/discussions/261
Also I sometimes forget the command too ;)
2022-08-22 12:20:56 +02:00
Nex
fa7d6166f4
Removed legacy print
2022-08-19 15:19:46 +02:00
Nex
429b223555
Bumped version
2022-08-18 18:31:32 +02:00
Nex
e0f563596d
Setting a default value for list of ioc files in case none was specified
2022-08-17 15:58:53 +02:00
Nex
ea5de0203a
Changed default for Optional[str]
2022-08-17 15:52:17 +02:00
Nex
ace965ee8a
Changed default value for optional lists to None
2022-08-17 15:37:12 +02:00
Nex
74a3ecaa4e
Linted code
2022-08-16 16:02:17 +02:00
Nex
631354c131
Properly checking any potential domains in Manifest.db records (fixes: #293)
2022-08-16 15:40:28 +02:00
Nex
7ad7782b51
Merge branch 'main' of github.com:mvt-project/mvt
2022-08-16 13:40:14 +02:00
Nex
f04f91e1e3
Improved type hints and code style enforcement
2022-08-16 13:39:55 +02:00