Releases: fox-it/acquire
Releases · fox-it/acquire
3.22
What's Changed
- Extend webserver collection by @qmadev in #264
- Add APPLICATION_HOST_CONFIG to webserver collection by @Miauwkeru in #279
- Fix Child Acquisition by @qmadev in #283
- Add collection of SimpleHelp logging by @Matthijsy in #287
- Remove and update deprecated code by @Miauwkeru in #286
- Add Teamviewer MRU files by @Matthijsy in #289
- Improve AV paths by @Matthijsy in #288
New Contributors
- @Matthijsy made their first contribution in #287
Full Changelog: 3.21...3.22
Contributors
Miauwkeru, Matthijsy, and qmadev
Assets 2
3.21
What's Changed
- Update pyproject.toml license settings and minimum python version by @Miauwkeru in #268
- feature: Add HitmanPro logs to AV module by @0xAlcidius in #271
- List a targets sub-targets/children from acquire using --list-children by @lhaagsma in #240
- Get more memory on ESXi before loading target by @twiggler in #272
- Update imports from dissect.target by @Miauwkeru in #275
- Update dissect.target dependency by @Miauwkeru in #278
New Contributors
- @0xAlcidius made their first contribution in #271
Full Changelog: 3.20.1...3.21
Contributors
Miauwkeru, lhaagsma, and 2 other contributors
Assets 2
3.20.1
What's Changed
- Fix issue where setting gui.shard to 0 by @Miauwkeru in #269
Full Changelog: 3.20...3.20.1
Contributors
Miauwkeru
Assets 2
3.20
What's Changed
- Add Applications and Network modules by @OlafHaalstra in #229
- Collect a small set of proc and sys by @Miauwkeru in #248
- Selects supported os profile from target.os_tree by @Miauwkeru in #247
- Add Splashtop paths by @bobkarreman in #253
- Fix module disable by @bobkarreman in #254
- Add SharePoint Server logs by @respondersGY in #257
- Collect McAfee ATP remediation alerts by @respondersGY in #260
- Add NTFS and RemoteAccess paths by @qmadev in #259
- Infer path of bootbanks by @twiggler in #255
- Release 3.20 by @twiggler in #265
New Contributors
- @OlafHaalstra made their first contribution in #229
- @bobkarreman made their first contribution in #253
- @respondersGY made their first contribution in #257
Full Changelog: 3.19...3.20
Contributors
bobkarreman, Miauwkeru, and 4 other contributors
Assets 2
3.19
What's Changed
- Added paths for AV collection by @qmadev in #225
- Rename OSX to macOS by @JSCU-CNI in #228
- Collect additional Anydesk files Win/Linux/Mac by @lhaagsma in #233
- Collect RustDesk log files Win/Linux/Mac by @lhaagsma in #234
- Add support for pystandalone key_fingerprint by @Miauwkeru in #235
- Add flag to enable nfs by @twiggler in #226
- Collect Capability Manager History directory by @lhaagsma in #237
- Replace deprecated registry.iterkeys call with registry.keys by @Miauwkeru in #241
- Add a DPAPI collection module by @Miauwkeru in #243
- Replace all "dir" and "file" with "path" by @Miauwkeru in #242
- Use the new log_dirs property of the iis plugin to get the required paths by @Miauwkeru in #244
- Update pyproject.toml for release by @Miauwkeru in #245
New Contributors
Full Changelog: 3.18...3.19
Contributors
Miauwkeru, lhaagsma, and 3 other contributors
Assets 2
3.18
What's Changed
- Add a timeout to the os.read function in VolatileStream by @Miauwkeru in #205
- Add optional folder argument for file uploads to S3 Buckets by @raverburg in #208
- Feature/proxmox implementation by @otnxSl in #184
- Acquire MSSQL error logs by @Miauwkeru in #210
- Return the exit code instead of exiting in main by @Schamper in #211
- Change linter to Ruff by @Schamper in #213
- Add .git-blame-ignore-revs file by @Schamper in #214
- Collect /proc/net on default volatile collection by @Schamper in #218
- Fix Sphinx rst warnings by @JSCU-CNI in #220
- Added brave history path when installed with snap by @qmadev in #222
- Merge pystandalone crypt and fallback on python RNG by @twiggler in #221
- Resolve wrong spec in MSSQL module by @Miauwkeru in #224
New Contributors
- @raverburg made their first contribution in #208
- @otnxSl made their first contribution in #184
- @qmadev made their first contribution in #222
Full Changelog: 3.17...3.18
Contributors
Schamper, Miauwkeru, and 5 other contributors
Assets 2
3.17
What's Changed
- Add BitLocker and LUKS support to Acquire by @larsbehrens1 in #193
- Make encryption work with zip files by @twiggler in #196
- Acquire device list by @cecinestpasunepipe in #198
- Add collection of Docker logs by @Paradoxis in #199
- Fix regression in OSError handling logic by @pyrco in #203
- Make acquire more robust against missing collection profiles by @pyrco in #201
- Add collection of individual user search indexes on Windows by @reece394 in #200
New Contributors
- @larsbehrens1 made their first contribution in #193
- @Paradoxis made their first contribution in #199
- @reece394 made their first contribution in #200
Full Changelog: 3.16...3.17
Contributors
Paradoxis, twiggler, and 4 other contributors
Assets 2
3.16
Note
acquire is no longer supported on Windows with pypy 3.9.
The release of pypy 3.9 for windows has a vendored-in cffi library that depends on deprecated and now removed features in distutil. This cffi library is used by the minio dependency of acquire and thus testcases for acquire for pypy 3.9 on Windows will fail.
The pypy maintainers have indicated there will be no more updates for pypy3.9. This means we can no longer enforce a successful run of the testcases for pypy 3.9 on Windows.
Currently pypy 3.10 suffers from the same issue, but that version will get a fix at some point.
What's Changed
- Improve logging successful and failed acquire runs by @pyrco in #177
- Add collection of notepad tab directories by @joost-j in #164
- Add exit codes and summary to acquire-decrypt by @Poeloe in #186
- Add optional boolean value to all store_true instances by @Miauwkeru in #179
- Fix compression in zip outputs when compress option is supplied by @ruzzle in #182
- Make acquire compression configurable by @Horofic in #185
- Added Windows Update Agent's DataStore for collection by @michoebey in #187
- Add MacOS and Linux log paths to TeamViewer module by @Poeloe in #190
- Fix inconsistent error messages involving
output-fileby @twiggler in #191
New Contributors
- @joost-j made their first contribution in #164
- @ruzzle made their first contribution in #182
- @michoebey made their first contribution in #187
- @twiggler made their first contribution in #191
Full Changelog: 3.15...3.16
Contributors
Miauwkeru, ruzzle, and 6 other contributors
Assets 2
3.15
What's Changed
- Compatibility with cstruct v4 by @pyrco in #170
- Bump the version of virtualenv in tox.ini to pull in the correct version of pip by @pyrco in #172
- Bump dissect.ctruct dependency to version 4 by @pyrco in #173
- Add an EDR (Endpoint Detection and Response) log collection module by @pyrco in #176
- Fix shard issue by @cecinestpasunepipe in #175
Full Changelog: 3.14...3.15
Contributors
pyrco and cecinestpasunepipe
Assets 2
3.14
What's Changed
- Run CI on pushed tags by @Schamper in #135
- Check for existing decompressed acquire when decrypting by @Poeloe in #158
- Bump minimal tox version by @Schamper in #157
- Add
output-filecommand line argument by @Poeloe in #160 - Update github action versions by @Miauwkeru in #163
- Add AnyDesk paths by @Poeloe in #165
- Add a pull request template by @Miauwkeru in #167
- Allow multiple targets with acquire by @cecinestpasunepipe in #162
- New collection and de-duplication logic by @pyrco in #161
Full Changelog: 3.13...3.14
Contributors
Schamper, Miauwkeru, and 3 other contributors