crt0mega/mvt
1
0
Fork 0
mirror of https://github.com/mvt-project/mvt.git synced 2024-06-24 05:18:55 +00:00
Code Issues Projects Releases Wiki Activity
872 Commits 24 Branches 68 Tags 6.1 MiB
9988887d27
Commit Graph

195 Commits

Author SHA1 Message Date
Nex
9988887d27 Updated copyright notice 2023-09-09 17:55:27 +02:00
tek
c719c4da1e
Bumps version 2023-09-05 13:01:20 +02:00
tek
0389d335ed
Bumps version 2023-07-26 18:20:25 +02:00
tek
7f9acec108 Move verbose indicator information to debug 2023-07-26 15:12:58 +02:00
Donncha Ó Cearbhaill
57d4aca72e
Refactor Android modules to remove duplication (#368) 
* Remove duplicated detection logic from GetProp modules
* Deduplicate settings and processes
* Refactor detection in artifacts
* Improves Artifact class
---------

Co-authored-by: tek <tek@randhome.io>
 2023-07-26 13:42:17 +02:00
Donncha Ó Cearbhaill
019cfbb84e
Merge pull request #363 from aticu/main 
Add option to disable interactivity and pass Android backup password on CLI
 2023-07-22 16:44:35 +02:00
Donncha Ó Cearbhaill
ca3c1bade4 Bump version to v2.4.0 
Bumping the minor version as we introduce some backwards-incompatible
API changes to module definition in #367.
 2023-07-21 12:14:31 +02:00
Niclas Schwarzlose
0edc9d7b81 Add option to disable interactivity 2023-07-19 11:29:51 +02:00
Donncha Ó Cearbhaill
e2c623c40f Move --fast flag from being a top-level MVT module parameter to an option in a new module_options parameter 2023-07-17 18:52:35 +02:00
tek
e7270d6a07 Fixes import and adds test for PR 361 2023-07-10 22:55:22 +02:00
Donncha Ó Cearbhaill
e2516f284b
Bump version number 2023-06-29 17:03:26 +02:00
Donncha Ó Cearbhaill
41db117168 Improve performance when checking URLs and domains 
Some MVT modules such as the WhatsApp module can be very slow as it was taking a naive approach to look for IOCs. The code was checking URLs (potentially more than 100k) against
1000's of IOC domains resulting in a quadratic run-time with hundreds of millions of comparisons as the number of IOCs increases.

This commit add an Aho-Corasick library which allows the efficient search in a string (the URL in this case) for all matches in set of keys (the IOCs). This data structure is perfect for this use case.

A quick measurement shows a 80% performance improvement for a WhatsApp database with 100k entries. The slow path is now the time spent fetching and expanding short URLs found in the database. This
can also be sped up significantly by fetching each URL asynchronously. This would require reworking modules to split the URL expansion from the IOC check so I will implement in a separate PR.
 2023-06-29 14:14:44 +02:00
Donncha Ó Cearbhaill
2b01ed7179 Add optional profiling for MVT modules 2023-06-29 13:31:13 +02:00
Nex
e1677639c4 Linted code using isort + autoflake + black, fixed wrong use of Optional[bool] 2023-06-01 23:40:26 +02:00
Sebastian Pederiva
912fb060cb
Fix error when creating report: csv.Error (#341) 2023-05-02 17:09:16 +02:00
tek
a9edf4a9fe
Bumps version 2023-04-25 12:20:45 +02:00
tek
fd81e3aa13 Adds verbose mode 2023-04-25 11:13:46 +02:00
tek
15477cc187 Bumps version 2023-04-13 17:59:05 +02:00
tek
8a507b0a0b Fixes a bug in WhatsApp iOS module 2023-04-13 09:26:52 +02:00
tek
63b95ee6a5 Bumps version 2023-04-12 12:52:57 +02:00
tek
1dc1ee2238 Improves Indicator object 2023-04-07 15:07:45 +02:00
tek
a2cbaacfce Fixes hashing issue 2023-04-07 14:51:54 +02:00
tek
801fe367ac Improves WebkitResourceLoadStatistics module 2023-04-07 14:43:20 +02:00
tek
2942209f62 Improves module handling 2023-04-07 12:25:01 +02:00
tek
06bf7b9cb1 Bumps version 2023-03-29 14:44:59 +02:00
tek
b5d7e528de Adds indicators for android properties 2023-03-29 12:57:41 +02:00
tek
49491800fb Improves typing 2023-03-24 19:02:02 +01:00
Donncha Ó Cearbhaill
11d58022cf Change checksum log message to info instead of warning 2023-03-03 21:21:32 +00:00
tek
4ed8ff51ff Improves code PEP8 compliance and adds ruff check 2023-03-01 16:43:08 -05:00
tek
383d9b16de Bumps version 2023-02-21 15:34:48 -05:00
tek
55f6a4ae54 Fixes mypy typing issues 2023-02-21 15:18:36 -05:00
Tek
7d79844749
Improves generation of hashes (#327) 
* Improves generation of hashes

* Adds generation of reference info.json hash
 2023-02-21 20:16:32 +01:00
tek
81ed0b0c19 Update copyright information 2023-02-08 20:18:16 +01:00
Nex
99e14ad8b0 Bumped version 2022-11-13 01:11:52 +01:00
Nex
00b7314395 Added quotes 2022-10-15 11:11:47 +02:00
Nex
39a8bf236d Merge branch 'patch-1' of github.com:besendorf/mvt into besendorf-patch-1 2022-10-15 11:11:29 +02:00
Nex
4e0a393a02 Bumped version 2022-10-01 12:40:04 +02:00
Nex
a863209abb Added check-androidqf command 2022-09-05 12:12:36 +02:00
Nex
4c7db02da4 Bumped version 2022-09-01 09:42:03 +02:00
tek
2365175dbd Adds check of process name in paths in indicators 2022-08-23 13:18:42 +02:00
besendorf
d61b2751f1
Add pip command for update 
Adds the pip comman for updating mvt. I think this would be helpfull for novice users as it already has been asked here: https://github.com/mvt-project/mvt/discussions/261
Also I sometimes forget the command too ;)
 2022-08-22 12:20:56 +02:00
Nex
fa7d6166f4 Removed legacy print 2022-08-19 15:19:46 +02:00
Nex
429b223555 Bumped version 2022-08-18 18:31:32 +02:00
Nex
e0f563596d Setting a default value for list of ioc files in case none was specified 2022-08-17 15:58:53 +02:00
Nex
ea5de0203a Changed default for Optional[str] 2022-08-17 15:52:17 +02:00
Nex
ace965ee8a Changed default value for optional lists to None 2022-08-17 15:37:12 +02:00
Nex
74a3ecaa4e Linted code 2022-08-16 16:02:17 +02:00
Nex
631354c131 Properly checking any potential domains in Manifest.db records (fixes: #293) 2022-08-16 15:40:28 +02:00
Nex
7ad7782b51 Merge branch 'main' of github.com:mvt-project/mvt 2022-08-16 13:40:14 +02:00
Nex
f04f91e1e3 Improved type hints and code style enforcement 2022-08-16 13:39:55 +02:00