339a1d0712
Deduplicate ADB AndroidQF and other modules ( #606 )
...
* Run bugreport and backup modules during check-androidqf
Adding support to automatically run ADB backup and bugreport modules
automatically when running the check-androidqf command. This is a first
step to deduplicate the code for Android modules.
* Deduplicate modules which are run by the sub-commands.
* Raise the proper NoAndroidQFBackup exception when a back-up isn't found
* add missing import
* Fix imports and remove duplicate hashes param
* Rename from_folder to from_dir in tests
---------
Co-authored-by: besendorf <janik@besendorf.org >
2025-10-31 13:46:33 +01:00
4757cff262
Fixes date parsing issue in tombstones ( #635 )
2025-06-12 20:49:31 +02:00
b184eeedf4
Handle XML encoded ADB keystore and fix parsing bugs ( #605 )
2025-02-07 02:00:24 +01:00
4e97e85350
Load Android device timezone info and add additional file modification logs ( #567 )
...
* Use local timestamp for Files module timeline.
Most other Android timestamps appear to be local time. The
results timeline is more useful if all the timestamps
are consistent. I would prefer to use UTC, but that would
mean converting all the other timestamps to UTC as well. We probably
do not have sufficient information to do that accurately,
especially if the device is moving between timezones..
* Add file timestamp modules to add logs into timeline
* Handle case were we cannot load device timezone
* Fix crash if prop file does not exist
* Move _get_file_modification_time to BugReportModule
* Add backport for timezone and fix Tombstone module to use local time.
* Fix import for backported Zoneinfo
* Fix ruff error
2025-02-06 20:51:15 +01:00
b7595b62eb
Add initial tombstone parser
...
This supports parsing tombstone files from Android bugreports. The parser
can load both the legacy text format and the new binary protobuf format.
2025-02-06 20:07:05 +01:00
02c02ca15c
Merge branch 'main' into feature/tombstone-parser
2025-02-03 18:44:00 +01:00
43901c96a0
Add improved heuristic detections to AppOps module
2025-01-30 13:02:26 +01:00
9d81b5bfa8
Add a module to parse uninstalled apps from dumpsys data, for both bugreport and AndroidQF output, and match them against package name IoCs.
2024-12-11 16:47:19 -03:00
bc09e2a394
Initial tests for tombstone parsing
2024-10-28 10:51:58 +01:00
9b41ba99aa
WIP: initial tombstone modules
2024-10-28 10:34:53 +01:00
665806db98
Add initial parser for ADB state in Dumpsys ( #547 )
...
* Add initial parser for ADB dumpsys
* Add ADBState tests and support for AndroidQF and
check-adb
* Handle case where ADB is not available in device dumpsys
2024-10-18 15:31:25 +02:00
a6d32e1c88
Fix dumpsys accessibility detections for v14+ ( #483 )
2024-05-19 22:27:28 +02:00
5826e6b11c
Migrate dumpsys_packages parsing into an artifact
2024-04-01 01:49:08 +02:00
9988887d27
Updated copyright notice
2023-09-09 17:55:27 +02:00
a2ee46b8f8
Refactors dumpsys receiver parsing into an artifact
2023-08-08 20:23:09 +02:00
e60e5fdc6e
Refactors DumpsysBatteryHistory and adds related androidqf module
2023-08-04 19:20:14 +02:00
7e0e071c5d
Refactor DumpsysBatteryDaily module and add related artifact
2023-08-04 16:17:52 +02:00
a103b50759
Rename artifacts to avoid name collisions
2023-08-02 13:32:58 +02:00
84dc13144d
Refactor DumpsysAppOps
2023-08-01 11:58:20 +02:00
6356a4ff87
Refactor code of DumpsysDBInfo
2023-07-31 23:43:20 +02:00
f96f2fe34a
refactor dumpsys package activity code
2023-07-31 18:38:41 +02:00
4c175530a8
Refactor dumpsys accessibility in an artifact
2023-07-27 19:42:06 +02:00
57d4aca72e
Refactor Android modules to remove duplication ( #368 )
...
* Remove duplicated detection logic from GetProp modules
* Deduplicate settings and processes
* Refactor detection in artifacts
* Improves Artifact class
---------
Co-authored-by: tek <tek@randhome.io >
2023-07-26 13:42:17 +02:00
e7270d6a07
Fixes import and adds test for PR 361
2023-07-10 22:55:22 +02:00
e1677639c4
Linted code using isort + autoflake + black, fixed wrong use of Optional[bool]
2023-06-01 23:40:26 +02:00
f814244ff8
Fixes bug in bugreport getprop module
2023-05-06 11:20:10 -04:00
704ea39569
Removes empty lines to be PEP8 compliant
2023-02-08 20:20:13 +01:00
81ed0b0c19
Update copyright information
2023-02-08 20:18:16 +01:00
66c015bc23
Improves check-androidqf tests
2022-10-11 13:07:24 +02:00
ba0106c476
Adds SMS androidqf module and improves tests
2022-10-11 12:41:42 +02:00
5356a399c9
Moves dumpsys parsing to android parsers and use the same parser for adb and bugreport modules
2022-08-17 18:24:51 +02:00
ad8f455209
Sorted imports
2022-08-17 11:34:58 +02:00
5fe88098b9
Improves dumpsys battery history parsing
2022-08-16 18:57:18 +02:00
271fe5fbee
Continuing enforcement of line length and simplifying date conversions
2022-08-13 02:14:24 +02:00
0622357a64
Adds support for MMS parsing in android backups
2022-06-23 11:05:04 +02:00
444ecf032d
Fixing newlines
2022-06-17 17:07:36 +02:00
abc0f2768b
Fixed tests
2022-06-16 15:24:43 +02:00
a12c4e6b93
First commit to refactor of command definitions
2022-06-15 17:41:19 +02:00
d82c788a18
Removed AUTHORS file in favor of explicit copyright notice
2022-05-08 14:53:50 +02:00
9d61b9048c
Fixed variable names mismatch and styling
2022-03-30 08:49:22 +02:00
9950b3d6c2
Add appops dumpsys parser and modules
2022-03-30 01:16:22 +02:00
d6af7c8cca
Updating flake8 config and fixed some violations
2022-03-18 11:10:06 +01:00
fc9a27d030
Sorted imports
2022-03-10 11:33:54 +01:00
86c79075ff
Reorganise code for backup modules
2022-03-04 10:10:56 +01:00
639c163297
Adds partial compression support in Android Backup parsing
2022-02-23 16:18:45 +01:00
8eb30e3a02
Improves android backup parsing for check-backup and check-adb
2022-02-23 15:07:13 +01:00
Donncha Ó Cearbhaill