61f95d07d3
Add new iOS versions and build numbers ( #625 )
...
Co-authored-by: DonnchaC <DonnchaC@users.noreply.github.com >
2025-05-12 22:37:46 +02:00
3dedd169c4
Fix issue #574 for a module without IOCs output ( #620 )
...
* Fix issue #574 for a module without IOCs output
2025-04-30 10:30:39 +02:00
e34e03d3a3
Fixes Android Dumpsys ADB parsing issue
2025-04-18 17:43:08 +02:00
34374699ce
Add new iOS versions and build numbers ( #622 )
...
Co-authored-by: DonnchaC <DonnchaC@users.noreply.github.com >
2025-04-17 09:46:17 +02:00
cf5aa7c89f
Add new iOS versions and build numbers ( #618 )
...
Co-authored-by: DonnchaC <DonnchaC@users.noreply.github.com >
2025-04-01 16:04:06 +02:00
2766739512
Fix bug where default values were dropped when parsing protobuf tombstones ( #617 )
2025-03-11 14:10:34 +01:00
9c84afb4b0
Update logo.py ( #615 )
...
add instructions to update mvt via pipx
2025-03-11 13:46:59 +01:00
55ddd86ad5
Add new iOS versions and build numbers ( #607 )
...
Co-authored-by: DonnchaC <DonnchaC@users.noreply.github.com >
2025-02-21 15:24:27 +01:00
b184eeedf4
Handle XML encoded ADB keystore and fix parsing bugs ( #605 )
2025-02-07 02:00:24 +01:00
4e97e85350
Load Android device timezone info and add additional file modification logs ( #567 )
...
* Use local timestamp for Files module timeline.
Most other Android timestamps appear to be local time. The
results timeline is more useful if all the timestamps
are consistent. I would prefer to use UTC, but that would
mean converting all the other timestamps to UTC as well. We probably
do not have sufficient information to do that accurately,
especially if the device is moving between timezones..
* Add file timestamp modules to add logs into timeline
* Handle case were we cannot load device timezone
* Fix crash if prop file does not exist
* Move _get_file_modification_time to BugReportModule
* Add backport for timezone and fix Tombstone module to use local time.
* Fix import for backported Zoneinfo
* Fix ruff error
2025-02-06 20:51:15 +01:00
b7595b62eb
Add initial tombstone parser
...
This supports parsing tombstone files from Android bugreports. The parser
can load both the legacy text format and the new binary protobuf format.
2025-02-06 20:07:05 +01:00
02c02ca15c
Merge branch 'main' into feature/tombstone-parser
2025-02-03 18:44:00 +01:00
086871e21d
Merge branch 'main' into feature/config-file
2025-01-30 13:15:28 +01:00
edcad488ab
Merge branch 'main' into feature/add-suspicious-android-setting
2025-01-30 13:10:00 +01:00
43901c96a0
Add improved heuristic detections to AppOps module
2025-01-30 13:02:26 +01:00
0962383b46
Alert on potentially suspicious permissions from ADB
2025-01-30 11:48:19 +01:00
34cd08fd9a
Add additional Android security setting to warn on
2025-01-30 11:35:18 +01:00
579b53f7ec
Add new iOS versions and build numbers ( #602 )
...
Co-authored-by: DonnchaC <DonnchaC@users.noreply.github.com >
2025-01-28 01:27:17 +01:00
dbb80d6320
Mark release 2.6.0 ( #601 )
2025-01-27 15:41:41 +01:00
0fbf24e82a
Merge branch 'main' into feature/config-file
2025-01-14 14:33:40 +01:00
6e230bdb6a
Autofix for ruff ( #598 )
2025-01-14 12:02:10 +01:00
2aa76c8a1c
Fixes a bug on recent phones not having WIFI column in net usage ( #580 )
...
Co-authored-by: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org >
Co-authored-by: Rory Flynn <75283103+roaree@users.noreply.github.com >
2025-01-07 12:48:35 +01:00
7d6dc9e6dc
Add new iOS versions and build numbers ( #595 )
...
Co-authored-by: DonnchaC <DonnchaC@users.noreply.github.com >
2025-01-07 12:07:57 +01:00
458195a0ab
Fix optional typing syntax for Python 3.8
2024-12-25 00:28:02 +00:00
52e854b8b7
Add missing import
2024-12-25 00:23:36 +00:00
f4425865c0
Add missed modules using updated settings module
2024-12-25 00:14:14 +00:00
28c0c86c4e
Update MVT code to use config file rather than raw env variables
2024-12-25 00:09:29 +00:00
154e6dab15
Add config file parser for MVT
2024-12-24 23:30:18 +00:00
9b5f2d89d5
Merge branch 'main' into feature/uninstalled-apps
2024-12-16 00:00:12 +01:00
3da61c8da8
Fix ruff checks
2024-12-15 23:22:36 +01:00
5b2fe3baec
Reorganize code in iOS app module ( #586 )
2024-12-14 10:04:47 +01:00
4bcc0e5f27
Add new iOS versions and build numbers ( #583 )
...
Co-authored-by: DonnchaC <DonnchaC@users.noreply.github.com >
2024-12-12 14:43:59 +01:00
9d81b5bfa8
Add a module to parse uninstalled apps from dumpsys data, for both bugreport and AndroidQF output, and match them against package name IoCs.
2024-12-11 16:47:19 -03:00
22fce280af
Add new iOS versions and build numbers ( #572 )
...
Co-authored-by: DonnchaC <DonnchaC@users.noreply.github.com >
2024-11-20 11:02:09 +01:00
ace01ff7fb
Merge branch 'main' into fix/files-detection-bug
2024-10-31 19:59:53 +01:00
7e4f0aec4d
Fix error to due extra equal character in Files detection
2024-10-31 19:59:29 +01:00
57647583cc
Add new iOS versions and build numbers ( #569 )
...
Co-authored-by: DonnchaC <DonnchaC@users.noreply.github.com >
2024-10-29 04:17:03 +01:00
2d0de088dd
Add generated protobuf parser
2024-10-28 10:38:19 +01:00
8694e7a047
Add protobuf parser generation
2024-10-28 10:37:30 +01:00
9b41ba99aa
WIP: initial tombstone modules
2024-10-28 10:34:53 +01:00
1d44ae3987
Add detections for side-loaded apps, and deduplicate results
2024-10-24 17:19:58 +02:00
bb68e41c07
Add detection for disabled system packages
2024-10-24 16:48:03 +02:00
863de4f543
Fix crash Handling empty adb key list ( #558 )
2024-10-23 11:50:08 +02:00
3afe218c7c
Add support for check APK certificate hash IOCs ( #557 )
...
* Fix bug loading indicators which I introduced in 81b647b
2024-10-18 16:35:50 +02:00
665806db98
Add initial parser for ADB state in Dumpsys ( #547 )
...
* Add initial parser for ADB dumpsys
* Add ADBState tests and support for AndroidQF and
check-adb
* Handle case where ADB is not available in device dumpsys
2024-10-18 15:31:25 +02:00
a03f4e55ff
Adds androidqf files module ( #541 )
...
* Adds androidqf files module
* Add new files module to module list
---------
Co-authored-by: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org >
2024-10-17 18:32:23 +02:00
81b647beac
Add basic support for IP indicators in MVT ( #556 )
...
* Add prelimary ipv4-addr ioc matching support under collection domains
* Add IP addresses as a valid IOC type
This currently just supports IPv4 addresses which
are treated as domains internally in MVT.
---------
Co-authored-by: renini <renini@local>
2024-10-17 18:20:17 +02:00
5ef19a327c
Fix error reporting for update check failures ( #555 )
2024-10-17 13:26:53 +02:00
f4bf3f362b
Refactor CLI help messages to make the CLI code more readable and maintainable. ( #554 )
...
* - modified help message string storage and referencing for consistency
- grammar correction to docs/android/download_apks.md
- changed ios backup help message from a format string that would reference
and explicitly print the environment variable, to printing the name of the
environment variable itself
* Fix formatting for help message refactor
---------
Co-authored-by: jazzy0verflow <hi@ra0x1duk3.mozmail.com >
Co-authored-by: kh0rvus <50286871+kh0rvus@users.noreply.github.com >
2024-10-17 12:28:42 +02:00
7575315966
Adds timeout to update checks ( #542 )
...
Co-authored-by: Donncha Ó Cearbhaill <donncha.ocearbhaill@amnesty.org >
2024-10-17 11:56:05 +02:00
github-actions[bot]