Donncha Ó Cearbhaill
339a1d0712
Deduplicate ADB AndroidQF and other modules (#606)
* Run bugreport and backup modules during check-androidqf
Adding support to automatically run ADB backup and bugreport modules
automatically when running the check-androidqf command. This is a first
step to deduplicate the code for Android modules.
* Deduplicate modules which are run by the sub-commands.
* Raise the proper NoAndroidQFBackup exception when a back-up isn't found
* add missing import
* Fix imports and remove duplicate hashes param
* Rename from_folder to from_dir in tests
---------
Co-authored-by: besendorf <janik@besendorf.org>
2025-10-31 13:46:33 +01:00
Tek
4757cff262
Fixes date parsing issue in tombstones (#635)
2025-06-12 20:49:31 +02:00
Donncha Ó Cearbhaill
b184eeedf4
Handle XML encoded ADB keystore and fix parsing bugs (#605)
2025-02-07 02:00:24 +01:00
Donncha Ó Cearbhaill
4e97e85350
Load Android device timezone info and add additional file modification logs (#567)
* Use local timestamp for Files module timeline.
Most other Android timestamps appear to be local time. The
results timeline is more useful if all the timestamps
are consistent. I would prefer to use UTC, but that would
mean converting all the other timestamps to UTC as well. We probably
do not have sufficient information to do that accurately,
especially if the device is moving between timezones.
* Add file timestamp modules to add logs into timeline
* Handle case where we cannot load device timezone
* Fix crash if prop file does not exist
* Move _get_file_modification_time to BugReportModule
* Add backport for timezone and fix Tombstone module to use local time.
* Fix import for backported Zoneinfo
* Fix ruff error
2025-02-06 20:51:15 +01:00
Donncha Ó Cearbhaill
b7595b62eb
Add initial tombstone parser
This supports parsing tombstone files from Android bugreports. The parser
can load both the legacy text format and the new binary protobuf format.
2025-02-06 20:07:05 +01:00
Donncha Ó Cearbhaill
02c02ca15c
Merge branch 'main' into feature/tombstone-parser
2025-02-03 18:44:00 +01:00
Donncha Ó Cearbhaill
43901c96a0
Add improved heuristic detections to AppOps module
2025-01-30 13:02:26 +01:00
tes
9d81b5bfa8
Add a module to parse uninstalled apps from dumpsys data, for both bugreport and AndroidQF output, and match them against package name IoCs.
2024-12-11 16:47:19 -03:00
Donncha Ó Cearbhaill
bc09e2a394
Initial tests for tombstone parsing
2024-10-28 10:51:58 +01:00
Donncha Ó Cearbhaill
9b41ba99aa
WIP: initial tombstone modules
2024-10-28 10:34:53 +01:00
Donncha Ó Cearbhaill
665806db98
Add initial parser for ADB state in Dumpsys (#547)
* Add initial parser for ADB dumpsys
* Add ADBState tests and support for AndroidQF and
check-adb
* Handle case where ADB is not available in device dumpsys
2024-10-18 15:31:25 +02:00
Rory Flynn
a6d32e1c88
Fix dumpsys accessibility detections for v14+ (#483)
2024-05-19 22:27:28 +02:00
tek
5826e6b11c
Migrate dumpsys_packages parsing into an artifact
2024-04-01 01:49:08 +02:00
Nex
9988887d27
Updated copyright notice
2023-09-09 17:55:27 +02:00
tek
a2ee46b8f8
Refactors dumpsys receiver parsing into an artifact
2023-08-08 20:23:09 +02:00
tek
e60e5fdc6e
Refactors DumpsysBatteryHistory and adds related androidqf module
2023-08-04 19:20:14 +02:00
tek
7e0e071c5d
Refactor DumpsysBatteryDaily module and add related artifact
2023-08-04 16:17:52 +02:00
tek
a103b50759
Rename artifacts to avoid name collisions
2023-08-02 13:32:58 +02:00
tek
84dc13144d
Refactor DumpsysAppOps
2023-08-01 11:58:20 +02:00
tek
6356a4ff87
Refactor code of DumpsysDBInfo
2023-07-31 23:43:20 +02:00
tek
f96f2fe34a
refactor dumpsys package activity code
2023-07-31 18:38:41 +02:00
tek
4c175530a8
Refactor dumpsys accessibility in an artifact
2023-07-27 19:42:06 +02:00
Donncha Ó Cearbhaill
57d4aca72e
Refactor Android modules to remove duplication (#368)
* Remove duplicated detection logic from GetProp modules
* Deduplicate settings and processes
* Refactor detection in artifacts
* Improves Artifact class
---------
Co-authored-by: tek <tek@randhome.io>
2023-07-26 13:42:17 +02:00
tek
e7270d6a07
Fixes import and adds test for PR 361
2023-07-10 22:55:22 +02:00
Nex
e1677639c4
Linted code using isort + autoflake + black, fixed wrong use of Optional[bool]
2023-06-01 23:40:26 +02:00
tek
f814244ff8
Fixes bug in bugreport getprop module
2023-05-06 11:20:10 -04:00
tek
704ea39569
Removes empty lines to be PEP8 compliant
2023-02-08 20:20:13 +01:00
tek
81ed0b0c19
Update copyright information
2023-02-08 20:18:16 +01:00
tek
66c015bc23
Improves check-androidqf tests
2022-10-11 13:07:24 +02:00
tek
ba0106c476
Adds SMS androidqf module and improves tests
2022-10-11 12:41:42 +02:00
tek
5356a399c9
Moves dumpsys parsing to android parsers and use the same parser for adb and bugreport modules
2022-08-17 18:24:51 +02:00
Nex
ad8f455209
Sorted imports
2022-08-17 11:34:58 +02:00
tek
5fe88098b9
Improves dumpsys battery history parsing
2022-08-16 18:57:18 +02:00
Nex
271fe5fbee
Continuing enforcement of line length and simplifying date conversions
2022-08-13 02:14:24 +02:00
tek
0622357a64
Adds support for MMS parsing in android backups
2022-06-23 11:05:04 +02:00
Nex
444ecf032d
Fixing newlines
2022-06-17 17:07:36 +02:00
Nex
abc0f2768b
Fixed tests
2022-06-16 15:24:43 +02:00
Nex
a12c4e6b93
First commit to refactor of command definitions
2022-06-15 17:41:19 +02:00
Nex
d82c788a18
Removed AUTHORS file in favor of explicit copyright notice
2022-05-08 14:53:50 +02:00
Nex
9d61b9048c
Fixed variable names mismatch and styling
2022-03-30 08:49:22 +02:00
tek
9950b3d6c2
Add appops dumpsys parser and modules
2022-03-30 01:16:22 +02:00
Nex
d6af7c8cca
Updating flake8 config and fixed some violations
2022-03-18 11:10:06 +01:00
Nex
fc9a27d030
Sorted imports
2022-03-10 11:33:54 +01:00
tek
86c79075ff
Reorganise code for backup modules
2022-03-04 10:10:56 +01:00
tek
639c163297
Adds partial compression support in Android Backup parsing
2022-02-23 16:18:45 +01:00
tek
8eb30e3a02
Improves android backup parsing for check-backup and check-adb
2022-02-23 15:07:13 +01:00