2.1.8

Release note

• New mode: Inspect mode II. Try trueseeing --inspect and (hopefully) enjoy
• New signature: cleartext traffic permitted status
• Considering fullBackupContent upon flagging "manipulatable backups"
• Writing summary upon successful scan
• Experimentally limiting graph size not to OOM
• Slightly refined hostlike filter
• internal: Switching toolchain: apkeditor and apksigner
• internal: Performance fixup
• internal: Dependency cleanup

2.1.7

Release note

• Providing official containers (alterakey/trueseeing)
• Adding cache controls -- force update ( --update-cache ) and no-cache mode ( --no-cache )
• Performance fix: official containers are basing on 3.11 and marking RE as deterministic
• Usability fix: dropping old inspect mode

2.1.6

Release Notes:

• Specifing precise version in running container and help msg fix
• Properly invoking non-contained disasm logic when the container is absent
• Updated public suffix list

2.1.5

Release notes:

• Lifting APK handling process into containers; we do not require Android SDK installed and we are now free from AV/HIPS interference, allowing more quicker/stabler analysis -- do trueseeing --bootstrap to give it a spin
• Lifting the codebase into the SQLite3 DB -- working directory format changed; extensions should be patched to refer files from DB (i.e. FS no longer contains them)
• Exploiting/patching facility no longer pollute the codebase, as they convey their patched content in the separated table in DB
• The default mmap(2) limit raised to 8GB
• internal: Fixing table name
• internal: Stabilizing store lifetime

2.1.4

Release notes:

• Loosely pegged dependencies

2.1.3

Release notes:

• Cleanly separating output/format options; now --output and --format respectively specify filename and format of report
• Invoking zipalign; building APKs with the correct alignment (of 4)
• Desynchronizing sigs/subprocesses

2.1.2

Release notes:

• New signature: rudimentary adb probe detector
• New signature: native methods detector
• New signature: native architectures enumerator
• New signature: insecure rooted device probe detector
• The log detector can detect potential logging into file
• The insecure WebView detector now attempt to evaluate effective Content-Security-Policy
• The TLS interception detector now consider basic Network Security Configrations
• The static key detector reports offending API calls
• Detecting library should be more consistent and comprehensive, including version deduction
• Writing generator version in report
• Reporting issues with 1-based index
• Generating TOC in report
• Now takes output file with the -o option
• Can exclude packages with the --exclude= option
• Can now get detailed progress (as in CI-mode) on stderr even in HTML/JSON reporting mode
• Now rebuilding APKs with aapt2
• Data graphs are now more consistent
• Single-file extensions is supported
• Fixed broken HTML template
• Updating apktool to stock 2.6.0
• Various signature fixups

2.1.1

This is a temporary release.

Release notes:

• Non-ascii classnames (such as DexGuard) no longer choke us
• The module ext can be placed under ~/.trueseeing2 and used to patch DB (patch_context(Context)) or signature chains (patch_signatures(Signatures))
• Improved performance
• internal: exposing type annotation to help write extensions
• internal: now checked with flake8 as well as mypy
• internal: refactoring

2.1.0

This release should mark the reboot of the project.

Release note:

• Requiring Python 3.7
• No longer crashes on absence of v1 sigs; fingerprinting path not manifests
• Grab on Android 11 should work as intended
• Working directory is placed side-by-side with the target (.trueseeing2-xxx) (backward-incompatible change)
• Smali analysis should be faster
• Operating SQLite3 DB in async-mode
• internal: using modern package system
• internal: using type-checks instead of fragile and incomplete testcases
• internal: refactoring