Rory Flynn
cbd41b2aff
Mark 2.5.3 release ( #490 )
2024-04-19 17:23:55 +02:00
Rory Flynn
0509eaa162
Use backwards-compatible datetime.timezone.utc ( #488 )
2024-04-19 17:22:10 +02:00
Rory Flynn
f1821d1a02
Mark release 2.5.2 ( #486 )
2024-04-18 16:53:41 +02:00
Rory Flynn
6c7ad0ac95
Convert timezone-aware datetimes automatically to UTC ( #485 )
2024-04-18 16:49:30 +02:00
Donncha Ó Cearbhaill
7a4946e2c6
Mark release 2.5.1 ( #481 )
...
Signed-off-by: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org>
2024-04-11 11:14:42 +02:00
r-tx
e1c4f4eb7a
Add more short urls ( #479 )
...
Co-authored-by: r-tx <r-tx@users.noreply.github.com>
2024-04-11 11:08:15 +02:00
Donncha Ó Cearbhaill
f9d7b550dc
Add docs explaining how to seek expert help for forensic analysis ( #476 )
...
* Update forensic support links in the documentation
* Add expert help message to MVT output
* Add warning to disable ADB after an Android acquisition
* Include Developer Options in the ADB warning text
2024-04-08 18:47:59 +02:00
Rory Flynn
ad3bc3470e
Mark release 2.5.0 ( #445 )
2024-01-04 20:08:42 +01:00
Christian Clauss
5d2ff32e3a
dumpsys_accessibility.py: Spell accessibility correctly ( #441 )
...
* dumpsys_accessibility.py: Spell accessibility correctly
* Fix typo
2024-01-03 18:59:06 +01:00
Rory Flynn
a1571c127d
Mark release 2.4.5 ( #436 )
2023-12-11 11:10:36 +01:00
Rory Flynn
4a6b483ce3
Mark release 2.4.4 ( #433 )
2023-12-04 17:05:04 +01:00
Rory Flynn
1d075abde9
Make MVTModule.get_slug()
a classmethod ( #418 )
2023-11-22 10:37:38 +01:00
tek
73104814ba
Bumps version
2023-11-18 08:58:26 +01:00
Rory Flynn
4b4cad46ba
Add CustomJSONEncoder
to handle bytes types ( #414 )
...
Adds a custom JSON encoder class to fix serialisation issues where modules included bytes types containing non-utf8 bytes, which can't be serialised to JSON.
---------
Co-authored-by: Rory Flynn <rory.flynn@amnesty.org>
2023-11-15 11:40:24 +01:00
Nex
9988887d27
Updated copyright notice
2023-09-09 17:55:27 +02:00
tek
c719c4da1e
Bumps version
2023-09-05 13:01:20 +02:00
tek
0389d335ed
Bumps version
2023-07-26 18:20:25 +02:00
tek
7f9acec108
Move verbose indicator information to debug
2023-07-26 15:12:58 +02:00
Donncha Ó Cearbhaill
57d4aca72e
Refactor Android modules to remove duplication ( #368 )
...
* Remove duplicated detection logic from GetProp modules
* Deduplicate settings and processes
* Refactor detection in artifacts
* Improves Artifact class
---------
Co-authored-by: tek <tek@randhome.io>
2023-07-26 13:42:17 +02:00
Donncha Ó Cearbhaill
019cfbb84e
Merge pull request #363 from aticu/main
...
Add option to disable interactivity and pass Android backup password on CLI
2023-07-22 16:44:35 +02:00
Donncha Ó Cearbhaill
ca3c1bade4
Bump version to v2.4.0
...
Bumping the minor version as we introduce some backwards-incompatible
API changes to module definition in #367 .
2023-07-21 12:14:31 +02:00
Niclas Schwarzlose
0edc9d7b81
Add option to disable interactivity
2023-07-19 11:29:51 +02:00
Donncha Ó Cearbhaill
e2c623c40f
Move --fast flag from being a top-level MVT module parameter to an option in a new module_options parameter
2023-07-17 18:52:35 +02:00
tek
e7270d6a07
Fixes import and adds test for PR 361
2023-07-10 22:55:22 +02:00
Donncha Ó Cearbhaill
e2516f284b
Bump version number
2023-06-29 17:03:26 +02:00
Donncha Ó Cearbhaill
41db117168
Improve performance when checking URLs and domains
...
Some MVT modules such as the WhatsApp module can be very slow as it was taking a naive approach to look for IOCs. The code was checking URLs (potentially more than 100k) against
1000's of IOC domains resulting in a quadratic run-time with hundreds of millions of comparisons as the number of IOCs increases.
This commit add an Aho-Corasick library which allows the efficient search in a string (the URL in this case) for all matches in set of keys (the IOCs). This data structure is perfect for this use case.
A quick measurement shows a 80% performance improvement for a WhatsApp database with 100k entries. The slow path is now the time spent fetching and expanding short URLs found in the database. This
can also be sped up significantly by fetching each URL asynchronously. This would require reworking modules to split the URL expansion from the IOC check so I will implement in a separate PR.
2023-06-29 14:14:44 +02:00
Donncha Ó Cearbhaill
2b01ed7179
Add optional profiling for MVT modules
2023-06-29 13:31:13 +02:00
Nex
e1677639c4
Linted code using isort + autoflake + black, fixed wrong use of Optional[bool]
2023-06-01 23:40:26 +02:00
Sebastian Pederiva
912fb060cb
Fix error when creating report: csv.Error ( #341 )
2023-05-02 17:09:16 +02:00
tek
a9edf4a9fe
Bumps version
2023-04-25 12:20:45 +02:00
tek
fd81e3aa13
Adds verbose mode
2023-04-25 11:13:46 +02:00
tek
15477cc187
Bumps version
2023-04-13 17:59:05 +02:00
tek
8a507b0a0b
Fixes a bug in WhatsApp iOS module
2023-04-13 09:26:52 +02:00
tek
63b95ee6a5
Bumps version
2023-04-12 12:52:57 +02:00
tek
1dc1ee2238
Improves Indicator object
2023-04-07 15:07:45 +02:00
tek
a2cbaacfce
Fixes hashing issue
2023-04-07 14:51:54 +02:00
tek
801fe367ac
Improves WebkitResourceLoadStatistics module
2023-04-07 14:43:20 +02:00
tek
2942209f62
Improves module handling
2023-04-07 12:25:01 +02:00
tek
06bf7b9cb1
Bumps version
2023-03-29 14:44:59 +02:00
tek
b5d7e528de
Adds indicators for android properties
2023-03-29 12:57:41 +02:00
tek
49491800fb
Improves typing
2023-03-24 19:02:02 +01:00
Donncha Ó Cearbhaill
11d58022cf
Change checksum log message to info instead of warning
2023-03-03 21:21:32 +00:00
tek
4ed8ff51ff
Improves code PEP8 compliance and adds ruff check
2023-03-01 16:43:08 -05:00
tek
383d9b16de
Bumps version
2023-02-21 15:34:48 -05:00
tek
55f6a4ae54
Fixes mypy typing issues
2023-02-21 15:18:36 -05:00
Tek
7d79844749
Improves generation of hashes ( #327 )
...
* Improves generation of hashes
* Adds generation of reference info.json hash
2023-02-21 20:16:32 +01:00
tek
81ed0b0c19
Update copyright information
2023-02-08 20:18:16 +01:00
Nex
99e14ad8b0
Bumped version
2022-11-13 01:11:52 +01:00
Nex
00b7314395
Added quotes
2022-10-15 11:11:47 +02:00
Nex
39a8bf236d
Merge branch 'patch-1' of github.com:besendorf/mvt into besendorf-patch-1
2022-10-15 11:11:29 +02:00