PyPI - dfindexeddb - Versions diffs - 20240324__tar.gz → 20240331a0__tar.gz - Mend

dfindexeddb 20240324tar.gz → 20240331a0tar.gz

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (35) hide show

{dfindexeddb-20240324/dfindexeddb.egg-info → dfindexeddb-20240331a0}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dfindexeddb
-Version: 20240324
+Version: 20240331a0
 Summary: dfindexeddb is an experimental Python tool for performing digital forensic analysis of IndexedDB and leveldb files.
 Author-email: Syd Pleno <sydp@google.com>
 Maintainer-email: dfIndexeddb Developers <dfindexeddb-dev@googlegroups.com>
@@ -283,7 +283,7 @@ installation:
 ```
 $ dfindexeddb -h
-usage: dfindexeddb [-h] -s SOURCE [--json]
+usage: dfindexeddb [-h] -s SOURCE [-o {json,jsonl,repr}]
 A cli tool for parsing indexeddb files
@@ -291,7 +291,8 @@ options:
   -h, --help            show this help message and exit
   -s SOURCE, --source SOURCE
                         The source leveldb folder
-  --json                Output as JSON
+  -o {json,jsonl,repr}, --output {json,jsonl,repr}
+                        Output format. Default is json
 ```
 ### LevelDB
@@ -316,17 +317,46 @@ options:
 To parse records from a LevelDB log (.log) file, use the following command:
 ```
-$ dfleveldb log -s <SOURCE> [--json]
+$ dfleveldb log  -s SOURCE [-o {json,jsonl,repr}] [-t {blocks,physical_records,write_batches,parsed_internal_key}]
+options:
+  -h, --help            show this help message and exit
+  -s SOURCE, --source SOURCE
+                        The source leveldb file
+  -o {json,jsonl,repr}, --output {json,jsonl,repr}
+                        Output format. Default is json
+  -t {blocks,physical_records,write_batches,parsed_internal_key}, --structure_type {blocks,physical_records,write_batches,parsed_internal_key}
+                        Parses the specified structure. Default is parsed_internal_key.
 ```
 To parse records from a LevelDB table (.ldb) file, use the following command:
 ```
-$ dfleveldb ldb -s <SOURCE> [--json]
+$ dfleveldb ldb -s SOURCE [-o {json,jsonl,repr}] [-t {blocks,records}]
+options:
+  -h, --help            show this help message and exit
+  -s SOURCE, --source SOURCE
+                        The source leveldb file
+  -o {json,jsonl,repr}, --output {json,jsonl,repr}
+                        Output format. Default is json
+  -t {blocks,records}, --structure_type {blocks,records}
+                        Parses the specified structure. Default is records.
 ```
 To parse version edit records from a Descriptor (MANIFEST) file:
 ```
-$ dfleveldb descriptor -s <SOURCE> [--json]
+$ dfleveldb descriptor -s SOURCE [-o {json,jsonl,repr}] [-t {blocks,physical_records,versionedit} | -v]
+options:
+  -h, --help            show this help message and exit
+  -s SOURCE, --source SOURCE
+                        The source leveldb file
+  -o {json,jsonl,repr}, --output {json,jsonl,repr}
+                        Output format. Default is json
+  -t {blocks,physical_records,versionedit}, --structure_type {blocks,physical_records,versionedit}
+                        Parses the specified structure. Default is versionedit.
+  -v, --version_history
+                        Parses the leveldb version history.
 ```

{dfindexeddb-20240324 → dfindexeddb-20240331a0}/README.md RENAMED Viewed

@@ -61,7 +61,7 @@ installation:
 ```
 $ dfindexeddb -h
-usage: dfindexeddb [-h] -s SOURCE [--json]
+usage: dfindexeddb [-h] -s SOURCE [-o {json,jsonl,repr}]
 A cli tool for parsing indexeddb files
@@ -69,7 +69,8 @@ options:
   -h, --help            show this help message and exit
   -s SOURCE, --source SOURCE
                         The source leveldb folder
-  --json                Output as JSON
+  -o {json,jsonl,repr}, --output {json,jsonl,repr}
+                        Output format. Default is json
 ```
 ### LevelDB
@@ -94,17 +95,46 @@ options:
 To parse records from a LevelDB log (.log) file, use the following command:
 ```
-$ dfleveldb log -s <SOURCE> [--json]
+$ dfleveldb log  -s SOURCE [-o {json,jsonl,repr}] [-t {blocks,physical_records,write_batches,parsed_internal_key}]
+options:
+  -h, --help            show this help message and exit
+  -s SOURCE, --source SOURCE
+                        The source leveldb file
+  -o {json,jsonl,repr}, --output {json,jsonl,repr}
+                        Output format. Default is json
+  -t {blocks,physical_records,write_batches,parsed_internal_key}, --structure_type {blocks,physical_records,write_batches,parsed_internal_key}
+                        Parses the specified structure. Default is parsed_internal_key.
 ```
 To parse records from a LevelDB table (.ldb) file, use the following command:
 ```
-$ dfleveldb ldb -s <SOURCE> [--json]
+$ dfleveldb ldb -s SOURCE [-o {json,jsonl,repr}] [-t {blocks,records}]
+options:
+  -h, --help            show this help message and exit
+  -s SOURCE, --source SOURCE
+                        The source leveldb file
+  -o {json,jsonl,repr}, --output {json,jsonl,repr}
+                        Output format. Default is json
+  -t {blocks,records}, --structure_type {blocks,records}
+                        Parses the specified structure. Default is records.
 ```
 To parse version edit records from a Descriptor (MANIFEST) file:
 ```
-$ dfleveldb descriptor -s <SOURCE> [--json]
+$ dfleveldb descriptor -s SOURCE [-o {json,jsonl,repr}] [-t {blocks,physical_records,versionedit} | -v]
+options:
+  -h, --help            show this help message and exit
+  -s SOURCE, --source SOURCE
+                        The source leveldb file
+  -o {json,jsonl,repr}, --output {json,jsonl,repr}
+                        Output format. Default is json
+  -t {blocks,physical_records,versionedit}, --structure_type {blocks,physical_records,versionedit}
+                        Parses the specified structure. Default is versionedit.
+  -v, --version_history
+                        Parses the leveldb version history.
 ```

dfindexeddb-20240331a0/dfindexeddb/indexeddb/chromium/__init__.py ADDED Viewed

@@ -0,0 +1,13 @@
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.

{dfindexeddb-20240324/dfindexeddb/indexeddb → dfindexeddb-20240331a0/dfindexeddb/indexeddb/chromium}/blink.py RENAMED Viewed

@@ -17,8 +17,8 @@ import io
 from typing import Any
 from dfindexeddb import utils
-from dfindexeddb.indexeddb import definitions
-from dfindexeddb.indexeddb import v8
+from dfindexeddb.indexeddb.chromium import definitions
+from dfindexeddb.indexeddb.chromium import v8

dfindexeddb-20240324/dfindexeddb/indexeddb/chromium.py → dfindexeddb-20240331a0/dfindexeddb/indexeddb/chromium/record.py RENAMED Viewed

@@ -20,8 +20,8 @@ import io
 from typing import Any, BinaryIO, Optional, Tuple, Type, TypeVar, Union
 from dfindexeddb import errors
-from dfindexeddb.indexeddb import blink
-from dfindexeddb.indexeddb import definitions
+from dfindexeddb.indexeddb.chromium import blink
+from dfindexeddb.indexeddb.chromium import definitions
 from dfindexeddb.leveldb import ldb
 from dfindexeddb.leveldb import log
 from dfindexeddb.leveldb import utils

{dfindexeddb-20240324/dfindexeddb/indexeddb → dfindexeddb-20240331a0/dfindexeddb/indexeddb/chromium}/v8.py RENAMED Viewed

@@ -21,7 +21,7 @@ from typing import Any, BinaryIO, Dict, Optional, Set, Tuple, Union
 from dfindexeddb import errors
 from dfindexeddb import utils
-from dfindexeddb.indexeddb import definitions
+from dfindexeddb.indexeddb.chromium import definitions
 @dataclass

{dfindexeddb-20240324 → dfindexeddb-20240331a0}/dfindexeddb/indexeddb/cli.py RENAMED Viewed

@@ -24,8 +24,8 @@ import traceback
 from dfindexeddb import errors
 from dfindexeddb import version
 from dfindexeddb.leveldb import record as leveldb_record
-from dfindexeddb.indexeddb import chromium
-from dfindexeddb.indexeddb import v8
+from dfindexeddb.indexeddb.chromium import record as chromium_record
+from dfindexeddb.indexeddb.chromium import v8
 _VALID_PRINTABLE_CHARACTERS = (
@@ -60,11 +60,13 @@ class Encoder(json.JSONEncoder):
     return json.JSONEncoder.default(self, o)
-def _Output(structure, to_json=False):
+def _Output(structure, output):
   """Helper method to output parsed structure to stdout."""
-  if to_json:
+  if output == 'json':
     print(json.dumps(structure, indent=2, cls=Encoder))
-  else:
+  elif output == 'jsonl':
+    print(json.dumps(structure, cls=Encoder))
+  elif output == 'repr':
     print(structure)
@@ -73,7 +75,8 @@ def IndexeddbCommand(args):
   for db_record in leveldb_record.LevelDBRecord.FromDir(args.source):
     record = db_record.record
     try:
-      db_record.record = chromium.IndexedDBRecord.FromLevelDBRecord(record)
+      db_record.record = chromium_record.IndexedDBRecord.FromLevelDBRecord(
+          record)
     except(
         errors.ParserError,
         errors.DecoderError,
@@ -82,7 +85,7 @@ def IndexeddbCommand(args):
           (f'Error parsing blink value: {err} for {record.__class__.__name__} '
            f'at offset {record.offset} in {db_record.path}'), file=sys.stderr)
       print(f'Traceback: {traceback.format_exc()}', file=sys.stderr)
-    _Output(db_record, to_json=args.json)
+    _Output(db_record, output=args.output)
 def App():
@@ -94,7 +97,15 @@ def App():
   parser.add_argument(
       '-s', '--source', required=True, type=pathlib.Path,
       help='The source leveldb folder')
-  parser.add_argument('--json', action='store_true', help='Output as JSON')
+  parser.add_argument(
+      '-o',
+      '--output',
+      choices=[
+          'json',
+          'jsonl',
+          'repr'],
+      default='json',
+      help='Output format.  Default is json')
   parser.set_defaults(func=IndexeddbCommand)
   args = parser.parse_args()

dfindexeddb-20240331a0/dfindexeddb/indexeddb/firefox/__init__.py ADDED Viewed

@@ -0,0 +1,13 @@
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.

dfindexeddb-20240331a0/dfindexeddb/indexeddb/safari/__init__.py ADDED Viewed

@@ -0,0 +1,13 @@
+# Copyright 2024 Google LLC
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     https://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.

{dfindexeddb-20240324 → dfindexeddb-20240331a0}/dfindexeddb/leveldb/cli.py RENAMED Viewed

@@ -54,18 +54,20 @@ class Encoder(json.JSONEncoder):
     return json.JSONEncoder.default(self, o)
-def _Output(structure, to_json=False):
+def _Output(structure, output):
   """Helper method to output parsed structure to stdout."""
-  if to_json:
+  if output == 'json':
     print(json.dumps(structure, indent=2, cls=Encoder))
-  else:
+  elif output == 'jsonl':
+    print(json.dumps(structure, cls=Encoder))
+  elif output == 'repr':
     print(structure)
 def DbCommand(args):
   """The CLI for processing leveldb folders."""
   for rec in record.LevelDBRecord.FromDir(args.source):
-    _Output(rec, to_json=args.json)
+    _Output(rec, output=args.output)
 def LdbCommand(args):
@@ -75,12 +77,12 @@ def LdbCommand(args):
   if args.structure_type == 'blocks':
     # Prints block information.
     for block in ldb_file.GetBlocks():
-      _Output(block, to_json=args.json)
+      _Output(block, output=args.output)
   elif args.structure_type == 'records' or not args.structure_type:
     # Prints key value record information.
     for key_value_record in ldb_file.GetKeyValueRecords():
-      _Output(key_value_record, to_json=args.json)
+      _Output(key_value_record, output=args.output)
   else:
     print(f'{args.structure_type} is not supported for ldb files.')
@@ -93,23 +95,23 @@ def LogCommand(args):
   if args.structure_type == 'blocks':
     # Prints block information.
     for block in log_file.GetBlocks():
-      _Output(block, to_json=args.json)
+      _Output(block, output=args.output)
   elif args.structure_type == 'physical_records':
     # Prints log file physical record information.
     for log_file_record in log_file.GetPhysicalRecords():
-      _Output(log_file_record, to_json=args.json)
+      _Output(log_file_record, output=args.output)
   elif args.structure_type == 'write_batches':
     # Prints log file batch information.
     for batch in log_file.GetWriteBatches():
-      _Output(batch, to_json=args.json)
+      _Output(batch, output=args.output)
   elif (args.structure_type in ('parsed_internal_key', 'records')
         or not args.structure_type):
     # Prints key value record information.
     for internal_key_record in log_file.GetParsedInternalKeys():
-      _Output(internal_key_record, to_json=args.json)
+      _Output(internal_key_record, output=args.output)
   else:
     print(f'{args.structure_type} is not supported for log files.')
@@ -119,20 +121,24 @@ def DescriptorCommand(args):
   """The CLI for processing descriptor (MANIFEST) files."""
   manifest_file = descriptor.FileReader(args.source)
-  if args.structure_type == 'blocks':
+  if args.version_history:
+    for levels in manifest_file.GetVersions():
+      _Output(levels, output=args.output)
+  elif args.structure_type == 'blocks':
     # Prints block information.
     for block in manifest_file.GetBlocks():
-      _Output(block, to_json=args.json)
+      _Output(block, output=args.output)
   elif args.structure_type == 'physical_records':
     # Prints log file physical record information.
     for log_file_record in manifest_file.GetPhysicalRecords():
-      _Output(log_file_record, to_json=args.json)
+      _Output(log_file_record, output=args.output)
   elif (args.structure_type == 'versionedit'
         or not args.structure_type):
     for version_edit in manifest_file.GetVersionEdits():
-      _Output(version_edit, to_json=args.json)
+      _Output(version_edit, output=args.output)
   else:
     print(f'{args.structure_type} is not supported for descriptor files.')
@@ -154,8 +160,14 @@ def App():
       type=pathlib.Path,
       help='The source leveldb directory')
   parser_db.add_argument(
-      '--json', action='store_true', help='Output as JSON')
-  parser_db.set_defaults(func=DbCommand)
+      '-o',
+      '--output',
+      choices=[
+          'json',
+          'jsonl',
+          'repr'],
+      default='json',
+      help='Output format.  Default is json')
   parser_log = subparsers.add_parser(
       'log', help='Parse a leveldb log file.')
@@ -165,7 +177,14 @@ def App():
       type=pathlib.Path,
       help='The source leveldb file')
   parser_log.add_argument(
-      '--json', action='store_true', help='Output as JSON')
+      '-o',
+      '--output',
+      choices=[
+          'json',
+          'jsonl',
+          'repr'],
+      default='json',
+      help='Output format.  Default is json')
   parser_log.add_argument(
       '-t',
       '--structure_type',
@@ -173,7 +192,8 @@ def App():
           'blocks',
           'physical_records',
           'write_batches',
-          'parsed_internal_key'])
+          'parsed_internal_key'],
+      help='Parses the specified structure.  Default is parsed_internal_key.')
   parser_log.set_defaults(func=LogCommand)
   parser_ldb = subparsers.add_parser(
@@ -184,13 +204,21 @@ def App():
       type=pathlib.Path,
       help='The source leveldb file')
   parser_ldb.add_argument(
-      '--json', action='store_true', help='Output as JSON')
+      '-o',
+      '--output',
+      choices=[
+          'json',
+          'jsonl',
+          'repr'],
+      default='json',
+      help='Output format.  Default is json')
   parser_ldb.add_argument(
       '-t',
       '--structure_type',
       choices=[
           'blocks',
-          'records'])
+          'records'],
+      help='Parses the specified structure.  Default is records.')
   parser_ldb.set_defaults(func=LdbCommand)
   parser_descriptor = subparsers.add_parser(
@@ -201,12 +229,27 @@ def App():
       type=pathlib.Path,
       help='The source leveldb file')
   parser_descriptor.add_argument(
-      '--json', action='store_true', help='Output as JSON')
-  parser_descriptor.add_argument(
+      '-o',
+      '--output',
+      choices=[
+          'json',
+          'jsonl',
+          'repr'],
+      default='json',
+      help='Output format.  Default is json')
+  db_group = parser_descriptor.add_mutually_exclusive_group()
+  db_group.add_argument(
       '-t',
       '--structure_type',
       choices=[
-          'blocks', 'physical_records', 'versionedit'])
+          'blocks', 'physical_records', 'versionedit'],
+      help='Parses the specified structure.  Default is versionedit.')
+  db_group.add_argument(
+      '-v',
+      '--version_history',
+      action='store_true',
+      help='Parses the leveldb version history.'
+  )
   parser_descriptor.set_defaults(func=DescriptorCommand)
   args = parser.parse_args()

{dfindexeddb-20240324 → dfindexeddb-20240331a0}/dfindexeddb/leveldb/descriptor.py RENAMED Viewed

@@ -14,7 +14,7 @@
 # limitations under the License.
 """Parser for LevelDB Descriptor (MANIFEST) files."""
 from __future__ import annotations
+from collections import defaultdict
 from dataclasses import dataclass, field
 from typing import Generator, Optional
@@ -35,7 +35,7 @@ class InternalKey:
     key_type: the key type.
   """
   offset: int
-  user_key: bytes = field(repr=False)
+  user_key: bytes
   sequence_number: int
   key_type: int
@@ -127,7 +127,7 @@ class CompactPointer(utils.FromDecoderMixin):
   """
   offset: int
   level: int
-  key: bytes = field(repr=False)
+  key: bytes
   @classmethod
   def FromDecoder(
@@ -258,6 +258,27 @@ class VersionEdit(utils.FromDecoderMixin):
     return version_edit
+@dataclass
+class LevelDBVersion:
+  """A LevelDBVersion.
+  A LevelDBVersion represents the current state of the table files and log file
+  that are currently "active".  The current state is determined by the sequence
+  of VersionEdits that are parsed from a descriptor file.
+  Active files can contain overlapping keys in the current log file and the
+  "young" or 0-level.
+  "Deleted files" will typically no longer exist but may be forensically
+  recoverable.
+  """
+  current_log: str
+  version_edit_offset: int
+  last_sequence: int
+  active_files: dict[int, dict[int, NewFile]]
+  deleted_files: dict[int, dict[int, DeletedFile]]
 class FileReader:
   """A reader for Descriptor files.
@@ -332,3 +353,30 @@ class FileReader:
         version_edit = VersionEdit.FromBytes(buffer, base_offset=offset)
         yield version_edit
         buffer = bytearray()
+  def GetVersions(self) -> Generator[LevelDBVersion, None, None]:
+    """Returns an iterator of LevelDBVersion instances.
+    Yields:
+      LevelDBVersion
+    """
+    active_files = defaultdict(dict)
+    deleted_files = defaultdict(set)
+    current_log = None
+    for version_edit in self.GetVersionEdits():
+      current_log = f'{version_edit.log_number:06d}.log'
+      for new_file in version_edit.new_files:
+        active_files[new_file.level][f'{new_file.number:06d}.ldb'] = new_file
+      for deleted_file in version_edit.deleted_files:
+        active_files[deleted_file.level].pop(f'{deleted_file.number:06d}.ldb')
+        deleted_files[deleted_file.level].add(f'{deleted_file.number:06d}.ldb')
+      yield LevelDBVersion(
+          current_log=current_log,
+          active_files=dict(active_files),
+          deleted_files=dict(deleted_files),
+          version_edit_offset=version_edit.offset,
+          last_sequence=version_edit.last_sequence)

{dfindexeddb-20240324 → dfindexeddb-20240331a0}/dfindexeddb/version.py RENAMED Viewed

@@ -14,7 +14,7 @@
 # limitations under the License.
 """Version information for dfIndexeddb."""
-__version__ = "20240324"
+__version__ = "20240331a"
 def GetVersion():

{dfindexeddb-20240324 → dfindexeddb-20240331a0/dfindexeddb.egg-info}/PKG-INFO RENAMED Viewed

@@ -1,6 +1,6 @@
 Metadata-Version: 2.1
 Name: dfindexeddb
-Version: 20240324
+Version: 20240331a0
 Summary: dfindexeddb is an experimental Python tool for performing digital forensic analysis of IndexedDB and leveldb files.
 Author-email: Syd Pleno <sydp@google.com>
 Maintainer-email: dfIndexeddb Developers <dfindexeddb-dev@googlegroups.com>
@@ -283,7 +283,7 @@ installation:
 ```
 $ dfindexeddb -h
-usage: dfindexeddb [-h] -s SOURCE [--json]
+usage: dfindexeddb [-h] -s SOURCE [-o {json,jsonl,repr}]
 A cli tool for parsing indexeddb files
@@ -291,7 +291,8 @@ options:
   -h, --help            show this help message and exit
   -s SOURCE, --source SOURCE
                         The source leveldb folder
-  --json                Output as JSON
+  -o {json,jsonl,repr}, --output {json,jsonl,repr}
+                        Output format. Default is json
 ```
 ### LevelDB
@@ -316,17 +317,46 @@ options:
 To parse records from a LevelDB log (.log) file, use the following command:
 ```
-$ dfleveldb log -s <SOURCE> [--json]
+$ dfleveldb log  -s SOURCE [-o {json,jsonl,repr}] [-t {blocks,physical_records,write_batches,parsed_internal_key}]
+options:
+  -h, --help            show this help message and exit
+  -s SOURCE, --source SOURCE
+                        The source leveldb file
+  -o {json,jsonl,repr}, --output {json,jsonl,repr}
+                        Output format. Default is json
+  -t {blocks,physical_records,write_batches,parsed_internal_key}, --structure_type {blocks,physical_records,write_batches,parsed_internal_key}
+                        Parses the specified structure. Default is parsed_internal_key.
 ```
 To parse records from a LevelDB table (.ldb) file, use the following command:
 ```
-$ dfleveldb ldb -s <SOURCE> [--json]
+$ dfleveldb ldb -s SOURCE [-o {json,jsonl,repr}] [-t {blocks,records}]
+options:
+  -h, --help            show this help message and exit
+  -s SOURCE, --source SOURCE
+                        The source leveldb file
+  -o {json,jsonl,repr}, --output {json,jsonl,repr}
+                        Output format. Default is json
+  -t {blocks,records}, --structure_type {blocks,records}
+                        Parses the specified structure. Default is records.
 ```
 To parse version edit records from a Descriptor (MANIFEST) file:
 ```
-$ dfleveldb descriptor -s <SOURCE> [--json]
+$ dfleveldb descriptor -s SOURCE [-o {json,jsonl,repr}] [-t {blocks,physical_records,versionedit} | -v]
+options:
+  -h, --help            show this help message and exit
+  -s SOURCE, --source SOURCE
+                        The source leveldb file
+  -o {json,jsonl,repr}, --output {json,jsonl,repr}
+                        Output format. Default is json
+  -t {blocks,physical_records,versionedit}, --structure_type {blocks,physical_records,versionedit}
+                        Parses the specified structure. Default is versionedit.
+  -v, --version_history
+                        Parses the leveldb version history.
 ```

{dfindexeddb-20240324 → dfindexeddb-20240331a0}/dfindexeddb.egg-info/SOURCES.txt RENAMED Viewed

@@ -14,12 +14,15 @@ dfindexeddb.egg-info/entry_points.txt
 dfindexeddb.egg-info/requires.txt
 dfindexeddb.egg-info/top_level.txt
 dfindexeddb/indexeddb/__init__.py
-dfindexeddb/indexeddb/blink.py
-dfindexeddb/indexeddb/chromium.py
 dfindexeddb/indexeddb/cli.py
-dfindexeddb/indexeddb/definitions.py
 dfindexeddb/indexeddb/utils.py
-dfindexeddb/indexeddb/v8.py
+dfindexeddb/indexeddb/chromium/__init__.py
+dfindexeddb/indexeddb/chromium/blink.py
+dfindexeddb/indexeddb/chromium/definitions.py
+dfindexeddb/indexeddb/chromium/record.py
+dfindexeddb/indexeddb/chromium/v8.py
+dfindexeddb/indexeddb/firefox/__init__.py
+dfindexeddb/indexeddb/safari/__init__.py
 dfindexeddb/leveldb/__init__.py
 dfindexeddb/leveldb/cli.py
 dfindexeddb/leveldb/definitions.py

{dfindexeddb-20240324 → dfindexeddb-20240331a0}/pyproject.toml RENAMED Viewed

@@ -4,7 +4,7 @@ build-backend = "setuptools.build_meta"
 [project]
 name = "dfindexeddb"
-version = "20240324"
+version = "20240331a"
 requires-python = ">=3.8"
 description = "dfindexeddb is an experimental Python tool for performing digital forensic analysis of IndexedDB and leveldb files."
 license = {file = "LICENSE"}
@@ -27,7 +27,14 @@ dfindexeddb = "dfindexeddb.indexeddb.cli:App"
 dfleveldb = "dfindexeddb.leveldb.cli:App"
 [tool.setuptools]
-packages = ["dfindexeddb", "dfindexeddb.indexeddb", "dfindexeddb.leveldb"]
+packages = [
+  "dfindexeddb",
+  "dfindexeddb.indexeddb",
+  "dfindexeddb.indexeddb.chromium",
+  "dfindexeddb.indexeddb.firefox",
+  "dfindexeddb.indexeddb.safari",
+  "dfindexeddb.leveldb",
+]
 [project.urls]
 Homepage = "https://github.com/google/dfindexeddb"