3.7
What's Changed
- Fix lastlog struct by @JSCU-CNI in #107
- Add Defender Quarantine Recovery by @MaxGroot in #96
- Add Velociraptor loader by @Zawadidone in #114
- Use TarFilesystemEntry in TarLoader by @Schamper in #112
- Add wireguard config parser plugin by @JSCU-CNI in #111
- Make tasks plugin a bit more robust by @Schamper in #123
- Make mft and mft_timeline plugin a bit more robust by @Schamper in #122
- Add applaunches function to amcache plugin by @JSCU-CNI in #120
- Improve unix command history plugin by @JSCU-CNI in #110
- Add Atop plugin by @Zawadidone in #108
- Refactor chromium based browser plugin by @Wouter-Jansen in #105
- Improve OSPlugin loading by @pyrco in #129
- Add locale plugin for unix and windows by @JSCU-CNI in #116
- Fix missing dependencies for the full extra by @pyrco in #139
- Fix windows sam parsing by @JSCU-CNI in #121
- Update the Windows version and ntversion plugins by @pyrco in #125
- Make defusedxml a main dependency by @pyrco in #140
- Use defusedxml instead of the build in xml module by @pyrco in #141
- Use only .py files when loading plugins by @pyrco in #138
- Improve unix users and passwords parsing by @JSCU-CNI in #126
- Add installdate function for unix and windows by @JSCU-CNI in #132
- Add docker container plugin by @JSCU-CNI in #115
- Make IIS parser more robust by @cecinestpasunepipe in #137
- Add compact flag to mft plugin by @Miauwkeru in #142
- Improve target-fs command line error handling by @pyrco in #143
- Add rudimentary support for zip files by @JSCU-CNI in #117
- Add folder as package by @Zawadidone in #146
- Defender add
DefenderBehaviorQuarantineRecord
to export by @Zawadidone in #152 - Add
IndexRecord
to export thumbcache functions by @Zawadidone in #154 - Small fixes to zip filesystem by @Schamper in #153
- Fix tar filesystem by @JSCU-CNI in #144
- Improve unix messages plugin by @JSCU-CNI in #131
- Improve bash autocompletion script by @Miauwkeru in #151
- Fix incorrect MappedFile behavior by @Schamper in #155
- Run black to satisfy new rules by @Schamper in #156
- Improve the robustness of the InternetExplorerPlugin by @pyrco in #157
- Add auth.log and secure log parsing for unix systems by @JSCU-CNI in #134
- Add WSL child plugin by @JSCU-CNI in #148
- Change path type of ChildTargetRecord by @Schamper in #160
- Change execution report log to debug by @Schamper in #159
- Improve locale for unix and windows by @JSCU-CNI in #150
- Correctly set volume in filesystems by @Schamper in #162
- Update style and pin on black v23.1.0 by @pyrco in #163
- Add isort to flake8 linting by @pyrco in #164
- Update the flow.record dependency to 3.9 by @pyrco in #165
- Fix TarFilesystem regression for relative lookups by @Schamper in #166
New Contributors
Full Changelog: 3.6...3.7