3.16
What's Changed
- Add support for XML configuration files by @cecinestpasunepipe in #495
- Pin pytest to a version <8.0.0 for now by @pyrco in #517
- Fix hostname plugin for RedHat systems by @florisvanstal in #513
- Support Windows installations on alternative drive letters by @Schamper in #497
- Initial cookies implementation for Firefox and Chromium by @YoeriNijs in #453
- Only run CI on PR and main branch pushes by @Schamper in #512
- Fix iexplore download records to use a proper path by @pyrco in #521
- Add MUI support for timezone translations by @JSCU-CNI in #518
- Fix various unit tests with side-effects by @Schamper in #520
- Add option to add comments to keychain file by @Poeloe in #523
- Replace mimikatz binary in quarantine data with DUMMY_PAYLOAD by @Miauwkeru in #524
- Fix removing get_all_records() exports by plugin_function_index() by @pyrco in #527
- Small consistency fixes in browser plugins by @Schamper in #529
- Fix some issues with tests not being independent from other tests by @pyrco in #526
- Add mount by LABEL= for ext filesystems by @Miauwkeru in #532
- Fix escapes in Apache plugin docstring by @Schamper in #534
- Align cyber by @Schamper in #533
- Expand user home when passing a path as URI by @Schamper in #535
- Add decryption keys for FortiGate 7.0.14 and 7.4.3 by @JSCU-CNI in #536
- Add xampp paths to ApachePlugin by @JSCU-CNI in #537
- Add JSON and YAML support to configutil by @Miauwkeru in #528
- Add Brave browser plugin by @JSCU-CNI in #538
- Add docker logs plugin by @JSCU-CNI in #507
- Add Linux locate plugin by @JSCU-CNI in #505
- Add basic cpio filesystem by @JSCU-CNI in #531
- Fix bug in defender evtx that resulted in ts field value being None by @Poeloe in #543
- Apply bug workaround in plocate plugin to all PyPy versions by @Horofic in #546
- Revert back to yara-python by @Schamper in #545
- Add
map_dir_from_tar
andmap_file_from_tar
by @JSCU-CNI in #508 - Move lru_cache definitions to init by @Miauwkeru in #547
- Add a decryption function to use on a local esxi target by @Miauwkeru in #542
- Fix bug in WER plugin caused by special characters in field name by @Poeloe in #544
- Fix performance regression due to TarFilesystem by @Schamper in #552
- Fix mounting BDE GPT volumes by @Schamper in #551
- add tests for symlink logic MappedFile by @cecinestpasunepipe in #554
- Add filesystem support for vmtar by @Schamper in #553
- IIS plugin does not process logs in default dir without ApplicationHo… by @cecinestpasunepipe in #549
- Document supported configurations for the Velociraptor loader by @Zawadidone in #558
- Extend AllowedIPs in wireguard to accept multiple ip addresses by @Miauwkeru in #555
- Mount volumes to drive letters in Velociraptor loader by @Schamper in #560
- Fix consistency in
HAVE_
/HAS_
constants by @Schamper in #564 - Fix Carbon Black SDK dependency by @Schamper in #565
- Improve target registry tool by @JSCU-CNI in #561
- Add more FortiGate keys and decryption tests by @yunzheng in #568
- Add lru_cache for UsersPlugin's find method by @Poeloe in #567
New Contributors
- @florisvanstal made their first contribution in #513
- @YoeriNijs made their first contribution in #453
Full Changelog: 3.15...3.16