assemblyline 4.5.1.dev366__tar.gz → 4.5.1.dev367__tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (176) hide show
  1. {assemblyline-4.5.1.dev366/assemblyline.egg-info → assemblyline-4.5.1.dev367}/PKG-INFO +1 -1
  2. assemblyline-4.5.1.dev367/assemblyline/VERSION +1 -0
  3. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/custom.yara +50 -0
  4. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367/assemblyline.egg-info}/PKG-INFO +1 -1
  5. assemblyline-4.5.1.dev366/assemblyline/VERSION +0 -1
  6. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/LICENCE.md +0 -0
  7. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/MANIFEST.in +0 -0
  8. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/README.md +0 -0
  9. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/__init__.py +0 -0
  10. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/cachestore/__init__.py +0 -0
  11. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/__init__.py +0 -0
  12. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/archiving.py +0 -0
  13. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/attack_map.py +0 -0
  14. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/backupmanager.py +0 -0
  15. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/banner.py +0 -0
  16. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/bundling.py +0 -0
  17. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/caching.py +0 -0
  18. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/chunk.py +0 -0
  19. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/classification.py +0 -0
  20. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/classification.yml +0 -0
  21. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/cleanup_filestore.py +0 -0
  22. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/codec.py +0 -0
  23. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/comms.py +0 -0
  24. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/constants.py +0 -0
  25. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/custom.magic +0 -0
  26. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/dict_utils.py +0 -0
  27. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/digests.py +0 -0
  28. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/entropy.py +0 -0
  29. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/exceptions.py +0 -0
  30. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/file.py +0 -0
  31. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/forge.py +0 -0
  32. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/frequency.c +0 -0
  33. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/frequency.pyx +0 -0
  34. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/heuristics.py +0 -0
  35. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/hexdump.py +0 -0
  36. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/identify.py +0 -0
  37. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/identify_defaults.py +0 -0
  38. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/importing.py +0 -0
  39. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/iprange.py +0 -0
  40. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/isotime.py +0 -0
  41. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/log.py +0 -0
  42. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/logformat.py +0 -0
  43. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/lucene.lark +0 -0
  44. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/memory_zip.py +0 -0
  45. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/metrics.py +0 -0
  46. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/net.py +0 -0
  47. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/net_static.py +0 -0
  48. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/null.py +0 -0
  49. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/path.py +0 -0
  50. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/postprocess.py +0 -0
  51. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/random_user.py +0 -0
  52. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/security.py +0 -0
  53. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/signaturing.py +0 -0
  54. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/str_utils.py +0 -0
  55. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/tag_safelist.yml +0 -0
  56. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/tagging.py +0 -0
  57. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/threading.py +0 -0
  58. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/uid.py +0 -0
  59. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/version.py +0 -0
  60. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datasource/__init__.py +0 -0
  61. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datasource/al.py +0 -0
  62. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datasource/alert.py +0 -0
  63. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datasource/common.py +0 -0
  64. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datastore/__init__.py +0 -0
  65. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datastore/bulk.py +0 -0
  66. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datastore/collection.py +0 -0
  67. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datastore/exceptions.py +0 -0
  68. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datastore/helper.py +0 -0
  69. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datastore/store.py +0 -0
  70. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datastore/support/__init__.py +0 -0
  71. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datastore/support/build.py +0 -0
  72. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/datastore/support/schemas.py +0 -0
  73. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/filestore/__init__.py +0 -0
  74. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/filestore/transport/__init__.py +0 -0
  75. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/filestore/transport/azure.py +0 -0
  76. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/filestore/transport/base.py +0 -0
  77. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/filestore/transport/ftp.py +0 -0
  78. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/filestore/transport/http.py +0 -0
  79. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/filestore/transport/local.py +0 -0
  80. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/filestore/transport/s3.py +0 -0
  81. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/filestore/transport/sftp.py +0 -0
  82. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/__init__.py +0 -0
  83. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/base.py +0 -0
  84. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/common.py +0 -0
  85. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/__init__.py +0 -0
  86. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/alert.py +0 -0
  87. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/alerter_heartbeat.py +0 -0
  88. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/archive_heartbeat.py +0 -0
  89. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/changes.py +0 -0
  90. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/dispatcher_heartbeat.py +0 -0
  91. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/dispatching.py +0 -0
  92. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/elastic_heartbeat.py +0 -0
  93. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/expiry_heartbeat.py +0 -0
  94. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/ingest_heartbeat.py +0 -0
  95. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/metrics.py +0 -0
  96. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/retrohunt_heartbeat.py +0 -0
  97. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/scaler_heartbeat.py +0 -0
  98. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/scaler_status_heartbeat.py +0 -0
  99. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/service_heartbeat.py +0 -0
  100. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/service_timing_heartbeat.py +0 -0
  101. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/submission.py +0 -0
  102. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/task.py +0 -0
  103. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/messages/vacuum_heartbeat.py +0 -0
  104. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/__init__.py +0 -0
  105. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/actions.py +0 -0
  106. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/alert.py +0 -0
  107. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/badlist.py +0 -0
  108. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/cached_file.py +0 -0
  109. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/config.py +0 -0
  110. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/emptyresult.py +0 -0
  111. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/error.py +0 -0
  112. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/file.py +0 -0
  113. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/filescore.py +0 -0
  114. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/heuristic.py +0 -0
  115. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/__init__.py +0 -0
  116. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/file.py +0 -0
  117. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/filetypes/__init__.py +0 -0
  118. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/filetypes/pe.py +0 -0
  119. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/ontology.py +0 -0
  120. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/results/__init__.py +0 -0
  121. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/results/antivirus.py +0 -0
  122. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/results/http.py +0 -0
  123. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/results/malware_config.py +0 -0
  124. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/results/network.py +0 -0
  125. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/results/process.py +0 -0
  126. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/results/sandbox.py +0 -0
  127. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/ontology/results/signature.py +0 -0
  128. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/replay.py +0 -0
  129. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/result.py +0 -0
  130. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/retrohunt.py +0 -0
  131. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/safelist.py +0 -0
  132. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/service.py +0 -0
  133. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/service_delta.py +0 -0
  134. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/signature.py +0 -0
  135. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/statistics.py +0 -0
  136. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/submission.py +0 -0
  137. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/submission_summary.py +0 -0
  138. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/submission_tree.py +0 -0
  139. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/tagging.py +0 -0
  140. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/user.py +0 -0
  141. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/user_favorites.py +0 -0
  142. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/user_settings.py +0 -0
  143. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/models/workflow.py +0 -0
  144. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/random_data/__init__.py +0 -0
  145. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/random_data/create_test_data.py +0 -0
  146. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/random_data/sample_rules.yar +0 -0
  147. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/random_data/sample_suricata.rules +0 -0
  148. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/odm/randomizer.py +0 -0
  149. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/py.typed +0 -0
  150. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/__init__.py +0 -0
  151. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/__init__.py +0 -0
  152. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/cache.py +0 -0
  153. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/counters.py +0 -0
  154. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/daily_quota_tracker.py +0 -0
  155. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/events.py +0 -0
  156. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/exporting_counter.py +0 -0
  157. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/hash.py +0 -0
  158. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/lock.py +0 -0
  159. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/queues/__init__.py +0 -0
  160. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/queues/comms.py +0 -0
  161. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/queues/multi.py +0 -0
  162. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/queues/named.py +0 -0
  163. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/queues/priority.py +0 -0
  164. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/set.py +0 -0
  165. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/remote/datatypes/user_quota_tracker.py +0 -0
  166. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/run/__init__.py +0 -0
  167. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/run/cli.py +0 -0
  168. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/run/pubsub_reader.py +0 -0
  169. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/run/suricata_importer.py +0 -0
  170. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/run/yara_importer.py +0 -0
  171. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline.egg-info/SOURCES.txt +0 -0
  172. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline.egg-info/dependency_links.txt +0 -0
  173. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline.egg-info/requires.txt +0 -0
  174. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline.egg-info/top_level.txt +0 -0
  175. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/setup.cfg +0 -0
  176. {assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/setup.py +0 -0
{assemblyline-4.5.1.dev366/assemblyline.egg-info → assemblyline-4.5.1.dev367}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: assemblyline
3
- Version: 4.5.1.dev366
3
+ Version: 4.5.1.dev367
4
4
  Summary: Assemblyline 4 - Automated malware analysis framework
5
5
  Home-page: https://github.com/CybercentreCanada/assemblyline-base
6
6
  Author: CCCS Assemblyline development team
assemblyline-4.5.1.dev367/assemblyline/VERSION ADDED
@@ -0,0 +1 @@
1
+ 4.5.1.dev367
{assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367}/assemblyline/common/custom.yara RENAMED
@@ -1426,6 +1426,56 @@ rule text_rdp {
1426
1426
  $optional53 = "remoteapplicationname:s:" ascii wide
1427
1427
  $optional54 = "remoteapplicationprogram:s:" ascii wide
1428
1428
 
1429
+ // https://learn.microsoft.com/en-us/previous-versions/windows/it-pro/windows-server-2008-r2-and-2008/ff393699(v=ws.10)
1430
+ $optional55 = "administrative session:i:" ascii wide
1431
+ $optional56 = "autoreconnect max retries:i:" ascii wide
1432
+ $optional57 = "bitmapcachepersistenable:i:" ascii wide
1433
+ $optional58 = "connection type:i:" ascii wide
1434
+ $optional59 = "disable ctrl+alt+del:i:" ascii wide
1435
+ $optional60 = "disableprinterredirection:i:" ascii wide
1436
+ $optional61 = "disableclipboardredirection:i:" ascii wide
1437
+ $optional62 = "displayconnectionbar:i:" ascii wide
1438
+ $optional63 = "loadbalanceinfo:s:" ascii wide
1439
+ $optional64 = "negotiate security layer:i:" ascii wide
1440
+ $optional65 = "pinconnectionbar:i:" ascii wide
1441
+ $optional66 = "prompt for credentials on client:i:" ascii wide
1442
+ $optional67 = "redirectdrives:i:" ascii wide
1443
+ $optional68 = "server port:i:" ascii wide
1444
+ $optional69 = "session bpp:i:" ascii wide
1445
+ $optional70 = "span monitors:i:" ascii wide
1446
+ $optional71 = "winposstr:s:" ascii wide
1447
+ $optional72 = "workspaceid:s:" ascii wide
1448
+
1449
+ // https://www.donkz.nl/overview-rdp-file-settings/
1450
+ $optional73 = "allow desktop composition:i:" ascii wide
1451
+ $optional74 = "allow font smoothing:i:" ascii wide
1452
+ $optional75 = "audioqualitymode:i:" ascii wide
1453
+ $optional76 = "bitmapcachesize:i:" ascii wide
1454
+ $optional77 = "connect to console:i:" ascii wide
1455
+ $optional78 = "disable full window drag:i:" ascii wide
1456
+ $optional79 = "disable menu anims:i:" ascii wide
1457
+ $optional80 = "disable themes:i:" ascii wide
1458
+ $optional81 = "disable wallpaper:i:" ascii wide
1459
+ $optional82 = "disableremoteappcapscheck:i:" ascii wide
1460
+ $optional83 = "enablesuperpan:i:" ascii wide
1461
+ $optional84 = "password 51:b:" ascii wide
1462
+ $optional85 = "prompt for credentials:i:" ascii wide
1463
+ $optional86 = "public mode:i:" ascii wide
1464
+ $optional87 = "redirectdirectx:i:" ascii wide
1465
+ $optional88 = "redirectposdevices:i:" ascii wide
1466
+ $optional89 = "shell working directory:s:" ascii wide
1467
+ $optional90 = "signature:s:" ascii wide
1468
+ $optional91 = "signscope:s:" ascii wide
1469
+ $optional92 = "superpanaccelerationfactor:i:" ascii wide
1470
+
1471
+ // Others
1472
+ $optional93 = "rdgiskdcproxy:i:" ascii wide
1473
+ $optional94 = "use redirection server name:i:" ascii wide
1474
+ $optional95 = "gatewaybrokeringtype:i:" ascii wide
1475
+ $optional96 = "disable cursor setting:i:" ascii wide
1476
+ $optional97 = "enableworkspacereconnect:i:" ascii wide
1477
+ $optional98 = "bitmapcachesize:i:" ascii wide
1478
+
1429
1479
  condition:
1430
1480
  mime startswith "text"
1431
1481
  and $mandatory
{assemblyline-4.5.1.dev366 → assemblyline-4.5.1.dev367/assemblyline.egg-info}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: assemblyline
3
- Version: 4.5.1.dev366
3
+ Version: 4.5.1.dev367
4
4
  Summary: Assemblyline 4 - Automated malware analysis framework
5
5
  Home-page: https://github.com/CybercentreCanada/assemblyline-base
6
6
  Author: CCCS Assemblyline development team
assemblyline-4.5.1.dev366/assemblyline/VERSION DELETED
@@ -1 +0,0 @@
1
- 4.5.1.dev366