crt0mega/mvt
1
0
Fork 0
mirror of https://github.com/mvt-project/mvt.git synced 2024-06-26 14:28:54 +00:00
Code Issues Projects Releases Wiki Activity
942 Commits 26 Branches 68 Tags 6.1 MiB
v2.5.3
Commit Graph

209 Commits

Author SHA1 Message Date
Rory Flynn
cbd41b2aff
Mark 2.5.3 release (#490) 2024-04-19 17:23:55 +02:00
Rory Flynn
0509eaa162
Use backwards-compatible datetime.timezone.utc (#488) 2024-04-19 17:22:10 +02:00
Rory Flynn
f1821d1a02
Mark release 2.5.2 (#486) 2024-04-18 16:53:41 +02:00
Rory Flynn
6c7ad0ac95
Convert timezone-aware datetimes automatically to UTC (#485) 2024-04-18 16:49:30 +02:00
Donncha Ó Cearbhaill
7a4946e2c6
Mark release 2.5.1 (#481) 
Signed-off-by: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
 2024-04-11 11:14:42 +02:00
r-tx
e1c4f4eb7a
Add more short urls (#479) 
Co-authored-by: r-tx <r-tx@users.noreply.github.com>
 2024-04-11 11:08:15 +02:00
Donncha Ó Cearbhaill
f9d7b550dc
Add docs explaining how to seek expert help for forensic analysis (#476) 
* Update forensic support links in the documentation

* Add expert help message to MVT output

* Add warning to disable ADB after an Android acquisition

* Include Developer Options in the ADB warning text
 2024-04-08 18:47:59 +02:00
Rory Flynn
ad3bc3470e
Mark release 2.5.0 (#445) 2024-01-04 20:08:42 +01:00
Christian Clauss
5d2ff32e3a
dumpsys_accessibility.py: Spell accessibility correctly (#441) 
* dumpsys_accessibility.py: Spell accessibility correctly

* Fix typo
 2024-01-03 18:59:06 +01:00
Rory Flynn
a1571c127d
Mark release 2.4.5 (#436) 2023-12-11 11:10:36 +01:00
Rory Flynn
4a6b483ce3
Mark release 2.4.4 (#433) 2023-12-04 17:05:04 +01:00
Rory Flynn
1d075abde9
Make MVTModule.get_slug() a classmethod (#418) 2023-11-22 10:37:38 +01:00
tek
73104814ba Bumps version 2023-11-18 08:58:26 +01:00
Rory Flynn
4b4cad46ba
Add CustomJSONEncoder to handle bytes types (#414) 
Adds a custom JSON encoder class to fix serialisation issues where modules included bytes types containing non-utf8 bytes, which can't be serialised to JSON.

---------

Co-authored-by: Rory Flynn <rory.flynn@amnesty.org>
 2023-11-15 11:40:24 +01:00
Nex
9988887d27 Updated copyright notice 2023-09-09 17:55:27 +02:00
tek
c719c4da1e
Bumps version 2023-09-05 13:01:20 +02:00
tek
0389d335ed
Bumps version 2023-07-26 18:20:25 +02:00
tek
7f9acec108 Move verbose indicator information to debug 2023-07-26 15:12:58 +02:00
Donncha Ó Cearbhaill
57d4aca72e
Refactor Android modules to remove duplication (#368) 
* Remove duplicated detection logic from GetProp modules
* Deduplicate settings and processes
* Refactor detection in artifacts
* Improves Artifact class
---------

Co-authored-by: tek <tek@randhome.io>
 2023-07-26 13:42:17 +02:00
Donncha Ó Cearbhaill
019cfbb84e
Merge pull request #363 from aticu/main 
Add option to disable interactivity and pass Android backup password on CLI
 2023-07-22 16:44:35 +02:00
Donncha Ó Cearbhaill
ca3c1bade4 Bump version to v2.4.0 
Bumping the minor version as we introduce some backwards-incompatible
API changes to module definition in #367.
 2023-07-21 12:14:31 +02:00
Niclas Schwarzlose
0edc9d7b81 Add option to disable interactivity 2023-07-19 11:29:51 +02:00
Donncha Ó Cearbhaill
e2c623c40f Move --fast flag from being a top-level MVT module parameter to an option in a new module_options parameter 2023-07-17 18:52:35 +02:00
tek
e7270d6a07 Fixes import and adds test for PR 361 2023-07-10 22:55:22 +02:00
Donncha Ó Cearbhaill
e2516f284b
Bump version number 2023-06-29 17:03:26 +02:00
Donncha Ó Cearbhaill
41db117168 Improve performance when checking URLs and domains 
Some MVT modules such as the WhatsApp module can be very slow as it was taking a naive approach to look for IOCs. The code was checking URLs (potentially more than 100k) against
1000's of IOC domains resulting in a quadratic run-time with hundreds of millions of comparisons as the number of IOCs increases.

This commit add an Aho-Corasick library which allows the efficient search in a string (the URL in this case) for all matches in set of keys (the IOCs). This data structure is perfect for this use case.

A quick measurement shows a 80% performance improvement for a WhatsApp database with 100k entries. The slow path is now the time spent fetching and expanding short URLs found in the database. This
can also be sped up significantly by fetching each URL asynchronously. This would require reworking modules to split the URL expansion from the IOC check so I will implement in a separate PR.
 2023-06-29 14:14:44 +02:00
Donncha Ó Cearbhaill
2b01ed7179 Add optional profiling for MVT modules 2023-06-29 13:31:13 +02:00
Nex
e1677639c4 Linted code using isort + autoflake + black, fixed wrong use of Optional[bool] 2023-06-01 23:40:26 +02:00
Sebastian Pederiva
912fb060cb
Fix error when creating report: csv.Error (#341) 2023-05-02 17:09:16 +02:00
tek
a9edf4a9fe
Bumps version 2023-04-25 12:20:45 +02:00
tek
fd81e3aa13 Adds verbose mode 2023-04-25 11:13:46 +02:00
tek
15477cc187 Bumps version 2023-04-13 17:59:05 +02:00
tek
8a507b0a0b Fixes a bug in WhatsApp iOS module 2023-04-13 09:26:52 +02:00
tek
63b95ee6a5 Bumps version 2023-04-12 12:52:57 +02:00
tek
1dc1ee2238 Improves Indicator object 2023-04-07 15:07:45 +02:00
tek
a2cbaacfce Fixes hashing issue 2023-04-07 14:51:54 +02:00
tek
801fe367ac Improves WebkitResourceLoadStatistics module 2023-04-07 14:43:20 +02:00
tek
2942209f62 Improves module handling 2023-04-07 12:25:01 +02:00
tek
06bf7b9cb1 Bumps version 2023-03-29 14:44:59 +02:00
tek
b5d7e528de Adds indicators for android properties 2023-03-29 12:57:41 +02:00
tek
49491800fb Improves typing 2023-03-24 19:02:02 +01:00
Donncha Ó Cearbhaill
11d58022cf Change checksum log message to info instead of warning 2023-03-03 21:21:32 +00:00
tek
4ed8ff51ff Improves code PEP8 compliance and adds ruff check 2023-03-01 16:43:08 -05:00
tek
383d9b16de Bumps version 2023-02-21 15:34:48 -05:00
tek
55f6a4ae54 Fixes mypy typing issues 2023-02-21 15:18:36 -05:00
Tek
7d79844749
Improves generation of hashes (#327) 
* Improves generation of hashes

* Adds generation of reference info.json hash
 2023-02-21 20:16:32 +01:00
tek
81ed0b0c19 Update copyright information 2023-02-08 20:18:16 +01:00
Nex
99e14ad8b0 Bumped version 2022-11-13 01:11:52 +01:00
Nex
00b7314395 Added quotes 2022-10-15 11:11:47 +02:00
Nex
39a8bf236d Merge branch 'patch-1' of github.com:besendorf/mvt into besendorf-patch-1 2022-10-15 11:11:29 +02:00