3.7

What's Changed

• Fix lastlog struct by @JSCU-CNI in #107
• Add Defender Quarantine Recovery by @MaxGroot in #96
• Add Velociraptor loader by @Zawadidone in #114
• Use TarFilesystemEntry in TarLoader by @Schamper in #112
• Add wireguard config parser plugin by @JSCU-CNI in #111
• Make tasks plugin a bit more robust by @Schamper in #123
• Make mft and mft_timeline plugin a bit more robust by @Schamper in #122
• Add applaunches function to amcache plugin by @JSCU-CNI in #120
• Improve unix command history plugin by @JSCU-CNI in #110
• Add Atop plugin by @Zawadidone in #108
• Refactor chromium based browser plugin by @Wouter-Jansen in #105
• Improve OSPlugin loading by @pyrco in #129
• Add locale plugin for unix and windows by @JSCU-CNI in #116
• Fix missing dependencies for the full extra by @pyrco in #139
• Fix windows sam parsing by @JSCU-CNI in #121
• Update the Windows version and ntversion plugins by @pyrco in #125
• Make defusedxml a main dependency by @pyrco in #140
• Use defusedxml instead of the build in xml module by @pyrco in #141
• Use only .py files when loading plugins by @pyrco in #138
• Improve unix users and passwords parsing by @JSCU-CNI in #126
• Add installdate function for unix and windows by @JSCU-CNI in #132
• Add docker container plugin by @JSCU-CNI in #115
• Make IIS parser more robust by @cecinestpasunepipe in #137
• Add compact flag to mft plugin by @Miauwkeru in #142
• Improve target-fs command line error handling by @pyrco in #143
• Add rudimentary support for zip files by @JSCU-CNI in #117
• Add folder as package by @Zawadidone in #146
• Defender add DefenderBehaviorQuarantineRecord to export by @Zawadidone in #152
• Add IndexRecord to export thumbcache functions by @Zawadidone in #154
• Small fixes to zip filesystem by @Schamper in #153
• Fix tar filesystem by @JSCU-CNI in #144
• Improve unix messages plugin by @JSCU-CNI in #131
• Improve bash autocompletion script by @Miauwkeru in #151
• Fix incorrect MappedFile behavior by @Schamper in #155
• Run black to satisfy new rules by @Schamper in #156
• Improve the robustness of the InternetExplorerPlugin by @pyrco in #157
• Add auth.log and secure log parsing for unix systems by @JSCU-CNI in #134
• Add WSL child plugin by @JSCU-CNI in #148
• Change path type of ChildTargetRecord by @Schamper in #160
• Change execution report log to debug by @Schamper in #159
• Improve locale for unix and windows by @JSCU-CNI in #150
• Correctly set volume in filesystems by @Schamper in #162
• Update style and pin on black v23.1.0 by @pyrco in #163
• Add isort to flake8 linting by @pyrco in #164
• Update the flow.record dependency to 3.9 by @pyrco in #165
• Fix TarFilesystem regression for relative lookups by @Schamper in #166

New Contributors

• @JSCU-CNI made their first contribution in #107
• @MaxGroot made their first contribution in #96

Full Changelog: 3.6...3.7