dissect.target 3.17.dev36__tar.gz → 3.18__tar.gz

Sign up to get free protection for your applications and to get access to all the features.
Files changed (596) hide show
  1. {dissect_target-3.17.dev36/dissect.target.egg-info → dissect_target-3.18}/PKG-INFO +50 -25
  2. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/exceptions.py +4 -0
  3. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystem.py +0 -10
  4. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/cache.py +3 -1
  5. dissect_target-3.18/dissect/target/helpers/hashutil.py +47 -0
  6. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/protobuf.py +6 -10
  7. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/record_modifier.py +4 -1
  8. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/ssh.py +3 -4
  9. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/mqtt.py +147 -2
  10. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/raw.py +7 -0
  11. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/av/mcafee.py +3 -0
  12. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/av/sophos.py +6 -0
  13. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/av/symantec.py +6 -0
  14. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/av/trendmicro.py +8 -3
  15. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/browser/chromium.py +12 -0
  16. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/browser/firefox.py +13 -1
  17. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/browser/iexplore.py +6 -0
  18. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/container/docker.py +1 -1
  19. dissect_target-3.18/dissect/target/plugins/os/unix/etc/etc.py +77 -0
  20. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/history.py +1 -1
  21. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/cmdline.py +3 -0
  22. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/environ.py +3 -0
  23. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/processes.py +3 -0
  24. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/sockets.py +15 -0
  25. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/locate/gnulocate.py +1 -2
  26. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/locate/mlocate.py +3 -4
  27. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/locate/plocate.py +34 -25
  28. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/log/atop.py +6 -4
  29. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/log/journal.py +5 -4
  30. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/log/lastlog.py +2 -3
  31. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/log/utmp.py +6 -7
  32. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/_os.py +17 -6
  33. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/activitiescache.py +3 -0
  34. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/adpolicy.py +3 -4
  35. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/catroot.py +6 -0
  36. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/credhist.py +1 -2
  37. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/datetime.py +3 -4
  38. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/defender.py +221 -5
  39. dissect_target-3.18/dissect/target/plugins/os/windows/defender_helpers/defender_patterns.py +282 -0
  40. dissect_target-3.18/dissect/target/plugins/os/windows/defender_helpers/defender_records.py +191 -0
  41. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/dpapi/blob.py +1 -2
  42. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/dpapi/master_key.py +2 -3
  43. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/lnk.py +3 -0
  44. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/log/etl.py +9 -0
  45. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/log/evt.py +3 -0
  46. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/log/evtx.py +3 -0
  47. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/log/pfro.py +3 -0
  48. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/log/schedlgu.py +5 -2
  49. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/notifications.py +1 -2
  50. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/prefetch.py +32 -27
  51. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/recyclebin.py +13 -8
  52. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/appxdebugkeys.py +3 -0
  53. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/auditpol.py +4 -5
  54. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/bam.py +5 -3
  55. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/cit.py +1 -2
  56. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/clsid.py +3 -0
  57. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/firewall.py +3 -0
  58. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/muicache.py +3 -0
  59. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/recentfilecache.py +6 -4
  60. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/regf.py +6 -0
  61. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/runkeys.py +9 -4
  62. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/shellbags.py +9 -7
  63. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/shimcache.py +5 -3
  64. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/trusteddocs.py +3 -0
  65. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/usb.py +3 -0
  66. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/userassist.py +8 -6
  67. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/sam.py +7 -5
  68. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/services.py +3 -0
  69. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/task_helpers/tasks_job.py +3 -4
  70. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/wer.py +3 -0
  71. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/target.py +6 -1
  72. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/shell.py +30 -19
  73. {dissect_target-3.17.dev36 → dissect_target-3.18/dissect.target.egg-info}/PKG-INFO +50 -25
  74. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect.target.egg-info/SOURCES.txt +6 -0
  75. dissect_target-3.18/dissect.target.egg-info/requires.txt +79 -0
  76. {dissect_target-3.17.dev36 → dissect_target-3.18}/pyproject.toml +50 -25
  77. dissect_target-3.18/tests/helpers/test_hashutil.py +28 -0
  78. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_modifier.py +2 -1
  79. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_protobuf.py +1 -1
  80. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_mqtt.py +2 -0
  81. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/locate/test_plocate.py +6 -1
  82. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/test_history.py +21 -0
  83. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/regf/test_cit.py +4 -1
  84. dissect_target-3.18/tests/plugins/os/windows/regf/test_shellbags.py +48 -0
  85. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test__os.py +20 -0
  86. dissect_target-3.18/tests/plugins/os/windows/test_defender.py +375 -0
  87. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_prefetch.py +2 -2
  88. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_recyclebin.py +3 -5
  89. dissect_target-3.18/tests/tools/__init__.py +0 -0
  90. dissect_target-3.18/tests/volumes/__init__.py +0 -0
  91. {dissect_target-3.17.dev36 → dissect_target-3.18}/tox.ini +6 -7
  92. dissect_target-3.17.dev36/dissect/target/helpers/hashutil.py +0 -87
  93. dissect_target-3.17.dev36/dissect.target.egg-info/requires.txt +0 -53
  94. dissect_target-3.17.dev36/tests/helpers/test_hashutil.py +0 -59
  95. dissect_target-3.17.dev36/tests/plugins/os/windows/test_defender.py +0 -153
  96. {dissect_target-3.17.dev36 → dissect_target-3.18}/COPYRIGHT +0 -0
  97. {dissect_target-3.17.dev36 → dissect_target-3.18}/LICENSE +0 -0
  98. {dissect_target-3.17.dev36 → dissect_target-3.18}/MANIFEST.in +0 -0
  99. {dissect_target-3.17.dev36 → dissect_target-3.18}/README.md +0 -0
  100. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/__init__.py +0 -0
  101. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/container.py +0 -0
  102. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/__init__.py +0 -0
  103. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/asdf.py +0 -0
  104. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/ewf.py +0 -0
  105. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/fortifw.py +0 -0
  106. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/hdd.py +0 -0
  107. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/hds.py +0 -0
  108. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/qcow2.py +0 -0
  109. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/raw.py +0 -0
  110. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/split.py +0 -0
  111. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/vdi.py +0 -0
  112. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/vhd.py +0 -0
  113. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/vhdx.py +0 -0
  114. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/containers/vmdk.py +0 -0
  115. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/data/autocompletion/target_bash_completion.sh +0 -0
  116. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/__init__.py +0 -0
  117. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/ad1.py +0 -0
  118. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/btrfs.py +0 -0
  119. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/cb.py +0 -0
  120. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/config.py +0 -0
  121. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/cpio.py +0 -0
  122. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/dir.py +0 -0
  123. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/exfat.py +0 -0
  124. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/extfs.py +0 -0
  125. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/fat.py +0 -0
  126. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/ffs.py +0 -0
  127. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/itunes.py +0 -0
  128. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/jffs.py +0 -0
  129. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/ntfs.py +0 -0
  130. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/overlay.py +0 -0
  131. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/smb.py +0 -0
  132. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/squashfs.py +0 -0
  133. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/tar.py +0 -0
  134. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/vmfs.py +0 -0
  135. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/vmtar.py +0 -0
  136. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/xfs.py +0 -0
  137. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystems/zip.py +0 -0
  138. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/__init__.py +0 -0
  139. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/compat/__init__.py +0 -0
  140. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/compat/path_310.py +0 -0
  141. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/compat/path_311.py +0 -0
  142. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/compat/path_312.py +0 -0
  143. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/compat/path_39.py +0 -0
  144. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/compat/path_common.py +0 -0
  145. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/config.py +0 -0
  146. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/configutil.py +0 -0
  147. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/cyber.py +0 -0
  148. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/data/windowsZones.xml +0 -0
  149. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/descriptor_extensions.py +0 -0
  150. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/docs.py +0 -0
  151. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/fsutil.py +0 -0
  152. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/keychain.py +0 -0
  153. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/lazy.py +0 -0
  154. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/loaderutil.py +0 -0
  155. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/localeutil.py +0 -0
  156. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/mount.py +0 -0
  157. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/mui.py +0 -0
  158. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/network_managers.py +0 -0
  159. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/polypath.py +0 -0
  160. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/record.py +0 -0
  161. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/regutil.py +0 -0
  162. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/shell_folder_ids.py +0 -0
  163. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/targetd.py +0 -0
  164. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/utils.py +0 -0
  165. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loader.py +0 -0
  166. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/__init__.py +0 -0
  167. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/ad1.py +0 -0
  168. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/asdf.py +0 -0
  169. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/cb.py +0 -0
  170. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/cyber.py +0 -0
  171. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/dir.py +0 -0
  172. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/hyperv.py +0 -0
  173. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/itunes.py +0 -0
  174. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/kape.py +0 -0
  175. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/local.py +0 -0
  176. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/log.py +0 -0
  177. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/multiraw.py +0 -0
  178. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/ova.py +0 -0
  179. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/overlay.py +0 -0
  180. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/ovf.py +0 -0
  181. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/phobos.py +0 -0
  182. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/profile.py +0 -0
  183. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/pvm.py +0 -0
  184. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/pvs.py +0 -0
  185. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/remote.py +0 -0
  186. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/res.py +0 -0
  187. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/smb.py +0 -0
  188. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/tanium.py +0 -0
  189. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/tar.py +0 -0
  190. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/target.py +0 -0
  191. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/targetd.py +0 -0
  192. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/utm.py +0 -0
  193. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/vb.py +0 -0
  194. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/vbox.py +0 -0
  195. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/velociraptor.py +0 -0
  196. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/vma.py +0 -0
  197. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/vmwarevm.py +0 -0
  198. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/vmx.py +0 -0
  199. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/xva.py +0 -0
  200. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugin.py +0 -0
  201. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/__init__.py +0 -0
  202. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/__init__.py +0 -0
  203. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/av/__init__.py +0 -0
  204. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/browser/__init__.py +0 -0
  205. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/browser/brave.py +0 -0
  206. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/browser/browser.py +0 -0
  207. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/browser/chrome.py +0 -0
  208. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/browser/edge.py +0 -0
  209. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/container/__init__.py +0 -0
  210. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/remoteaccess/__init__.py +0 -0
  211. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/remoteaccess/anydesk.py +0 -0
  212. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/remoteaccess/remoteaccess.py +0 -0
  213. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/remoteaccess/teamviewer.py +0 -0
  214. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/shell/__init__.py +0 -0
  215. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/shell/powershell.py +0 -0
  216. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/ssh/__init__.py +0 -0
  217. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/ssh/openssh.py +0 -0
  218. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/ssh/opensshd.py +0 -0
  219. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/ssh/putty.py +0 -0
  220. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/ssh/ssh.py +0 -0
  221. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/vpn/__init__.py +0 -0
  222. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/vpn/openvpn.py +0 -0
  223. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/vpn/wireguard.py +0 -0
  224. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/webhosting/__init__.py +0 -0
  225. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/webhosting/cpanel.py +0 -0
  226. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/webserver/__init__.py +0 -0
  227. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/webserver/apache.py +0 -0
  228. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/webserver/caddy.py +0 -0
  229. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/webserver/citrix.py +0 -0
  230. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/webserver/iis.py +0 -0
  231. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/webserver/nginx.py +0 -0
  232. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/webserver/webserver.py +0 -0
  233. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/child/__init__.py +0 -0
  234. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/child/docker.py +0 -0
  235. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/child/esxi.py +0 -0
  236. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/child/hyperv.py +0 -0
  237. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/child/virtuozzo.py +0 -0
  238. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/child/vmware_workstation.py +0 -0
  239. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/child/wsl.py +0 -0
  240. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/__init__.py +0 -0
  241. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/acquire_handles.py +0 -0
  242. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/acquire_hash.py +0 -0
  243. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/icat.py +0 -0
  244. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/ntfs/__init__.py +0 -0
  245. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/ntfs/mft.py +0 -0
  246. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/ntfs/mft_timeline.py +0 -0
  247. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/ntfs/usnjrnl.py +0 -0
  248. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/ntfs/utils.py +0 -0
  249. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/resolver.py +0 -0
  250. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/unix/__init__.py +0 -0
  251. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/unix/capability.py +0 -0
  252. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/unix/suid.py +0 -0
  253. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/walkfs.py +0 -0
  254. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/filesystem/yara.py +0 -0
  255. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/general/__init__.py +0 -0
  256. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/general/config.py +0 -0
  257. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/general/default.py +0 -0
  258. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/general/example.py +0 -0
  259. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/general/loaders.py +0 -0
  260. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/general/osinfo.py +0 -0
  261. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/general/plugins.py +0 -0
  262. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/general/scrape.py +0 -0
  263. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/general/users.py +0 -0
  264. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/__init__.py +0 -0
  265. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/__init__.py +0 -0
  266. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/_os.py +0 -0
  267. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/__init__.py +0 -0
  268. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/_os.py +0 -0
  269. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/citrix/__init__.py +0 -0
  270. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/citrix/_os.py +0 -0
  271. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/citrix/history.py +0 -0
  272. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/freebsd/__init__.py +0 -0
  273. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/freebsd/_os.py +0 -0
  274. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/ios/__init__.py +0 -0
  275. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/ios/_os.py +0 -0
  276. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/openbsd/__init__.py +0 -0
  277. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/openbsd/_os.py +0 -0
  278. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/osx/__init__.py +0 -0
  279. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/osx/_os.py +0 -0
  280. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/bsd/osx/user.py +0 -0
  281. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/cronjobs.py +0 -0
  282. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/datetime.py +0 -0
  283. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/esxi/__init__.py +0 -0
  284. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/esxi/_os.py +0 -0
  285. {dissect_target-3.17.dev36/dissect/target/plugins/os/unix/linux → dissect_target-3.18/dissect/target/plugins/os/unix/etc}/__init__.py +0 -0
  286. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/etc.py +0 -0
  287. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/generic.py +0 -0
  288. {dissect_target-3.17.dev36/dissect/target/plugins/os/unix/linux/android → dissect_target-3.18/dissect/target/plugins/os/unix/linux}/__init__.py +0 -0
  289. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/_os.py +0 -0
  290. {dissect_target-3.17.dev36/dissect/target/plugins/os/unix/linux/debian → dissect_target-3.18/dissect/target/plugins/os/unix/linux/android}/__init__.py +0 -0
  291. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/android/_os.py +0 -0
  292. {dissect_target-3.17.dev36/dissect/target/plugins/os/unix/linux/debian/vyos → dissect_target-3.18/dissect/target/plugins/os/unix/linux/debian}/__init__.py +0 -0
  293. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/debian/_os.py +0 -0
  294. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/debian/apt.py +0 -0
  295. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/debian/dpkg.py +0 -0
  296. {dissect_target-3.17.dev36/dissect/target/plugins/os/unix/linux/fortios → dissect_target-3.18/dissect/target/plugins/os/unix/linux/debian/vyos}/__init__.py +0 -0
  297. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/debian/vyos/_os.py +0 -0
  298. {dissect_target-3.17.dev36/dissect/target/plugins/os/unix/linux/redhat → dissect_target-3.18/dissect/target/plugins/os/unix/linux/fortios}/__init__.py +0 -0
  299. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/fortios/_keys.py +0 -0
  300. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/fortios/_os.py +0 -0
  301. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/fortios/generic.py +0 -0
  302. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/fortios/locale.py +0 -0
  303. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/iptables.py +0 -0
  304. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/modules.py +0 -0
  305. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/netstat.py +0 -0
  306. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/proc.py +0 -0
  307. {dissect_target-3.17.dev36/dissect/target/plugins/os/unix/linux/suse → dissect_target-3.18/dissect/target/plugins/os/unix/linux/redhat}/__init__.py +0 -0
  308. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/redhat/_os.py +0 -0
  309. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/redhat/yum.py +0 -0
  310. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/services.py +0 -0
  311. {dissect_target-3.17.dev36/dissect/target/plugins/os/unix/locate → dissect_target-3.18/dissect/target/plugins/os/unix/linux/suse}/__init__.py +0 -0
  312. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/suse/_os.py +0 -0
  313. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/linux/suse/zypper.py +0 -0
  314. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/locale.py +0 -0
  315. {dissect_target-3.17.dev36/dissect/target/plugins/os/unix/log → dissect_target-3.18/dissect/target/plugins/os/unix/locate}/__init__.py +0 -0
  316. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/locate/locate.py +0 -0
  317. {dissect_target-3.17.dev36/dissect/target/plugins/os/windows → dissect_target-3.18/dissect/target/plugins/os/unix/log}/__init__.py +0 -0
  318. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/log/audit.py +0 -0
  319. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/log/auth.py +0 -0
  320. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/log/messages.py +0 -0
  321. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/packagemanager.py +0 -0
  322. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/unix/shadow.py +0 -0
  323. {dissect_target-3.17.dev36/dissect/target/plugins/os/windows/dpapi → dissect_target-3.18/dissect/target/plugins/os/windows}/__init__.py +0 -0
  324. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/amcache.py +0 -0
  325. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/cim.py +0 -0
  326. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/clfs.py +0 -0
  327. {dissect_target-3.17.dev36/dissect/target/plugins/os/windows/exchange → dissect_target-3.18/dissect/target/plugins/os/windows/defender_helpers}/__init__.py +0 -0
  328. {dissect_target-3.17.dev36/dissect/target/plugins/os/windows/log → dissect_target-3.18/dissect/target/plugins/os/windows/dpapi}/__init__.py +0 -0
  329. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/dpapi/crypto.py +0 -0
  330. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/dpapi/dpapi.py +0 -0
  331. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/env.py +0 -0
  332. {dissect_target-3.17.dev36/dissect/target/plugins/os/windows/regf → dissect_target-3.18/dissect/target/plugins/os/windows/exchange}/__init__.py +0 -0
  333. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/exchange/exchange.py +0 -0
  334. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/generic.py +0 -0
  335. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/locale.py +0 -0
  336. {dissect_target-3.17.dev36/dissect/target/plugins/os/windows/task_helpers → dissect_target-3.18/dissect/target/plugins/os/windows/log}/__init__.py +0 -0
  337. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/log/amcache.py +0 -0
  338. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/7zip.py +0 -0
  339. {dissect_target-3.17.dev36/dissect/target/tools → dissect_target-3.18/dissect/target/plugins/os/windows/regf}/__init__.py +0 -0
  340. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/mru.py +0 -0
  341. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/regf/nethist.py +0 -0
  342. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/registry.py +0 -0
  343. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/sru.py +0 -0
  344. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/startupinfo.py +0 -0
  345. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/syscache.py +0 -0
  346. {dissect_target-3.17.dev36/dissect/target/tools/dump → dissect_target-3.18/dissect/target/plugins/os/windows/task_helpers}/__init__.py +0 -0
  347. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/task_helpers/tasks_records.py +0 -0
  348. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/task_helpers/tasks_xml.py +0 -0
  349. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/tasks.py +0 -0
  350. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/thumbcache.py +0 -0
  351. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/os/windows/ual.py +0 -0
  352. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/report.py +0 -0
  353. {dissect_target-3.17.dev36/dissect/target/volumes → dissect_target-3.18/dissect/target/tools}/__init__.py +0 -0
  354. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/build_pluginlist.py +0 -0
  355. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/dd.py +0 -0
  356. {dissect_target-3.17.dev36/tests → dissect_target-3.18/dissect/target/tools/dump}/__init__.py +0 -0
  357. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/dump/run.py +0 -0
  358. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/dump/state.py +0 -0
  359. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/dump/utils.py +0 -0
  360. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/fs.py +0 -0
  361. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/info.py +0 -0
  362. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/logging.py +0 -0
  363. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/mount.py +0 -0
  364. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/query.py +0 -0
  365. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/reg.py +0 -0
  366. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/tools/utils.py +0 -0
  367. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/volume.py +0 -0
  368. {dissect_target-3.17.dev36/tests/containers → dissect_target-3.18/dissect/target/volumes}/__init__.py +0 -0
  369. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/volumes/bde.py +0 -0
  370. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/volumes/ddf.py +0 -0
  371. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/volumes/disk.py +0 -0
  372. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/volumes/luks.py +0 -0
  373. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/volumes/lvm.py +0 -0
  374. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/volumes/md.py +0 -0
  375. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/volumes/vmfs.py +0 -0
  376. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect.target.egg-info/dependency_links.txt +0 -0
  377. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect.target.egg-info/entry_points.txt +0 -0
  378. {dissect_target-3.17.dev36 → dissect_target-3.18}/dissect.target.egg-info/top_level.txt +0 -0
  379. {dissect_target-3.17.dev36 → dissect_target-3.18}/setup.cfg +0 -0
  380. {dissect_target-3.17.dev36/tests/filesystems → dissect_target-3.18/tests}/__init__.py +0 -0
  381. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/_docs/Makefile +0 -0
  382. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/_docs/conf.py +0 -0
  383. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/_docs/index.rst +0 -0
  384. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/_utils.py +0 -0
  385. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/conftest.py +0 -0
  386. {dissect_target-3.17.dev36/tests/helpers → dissect_target-3.18/tests/containers}/__init__.py +0 -0
  387. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/containers/test_fortifw.py +0 -0
  388. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/containers/test_split.py +0 -0
  389. {dissect_target-3.17.dev36/tests/loaders → dissect_target-3.18/tests/filesystems}/__init__.py +0 -0
  390. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/filesystems/test_cb.py +0 -0
  391. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/filesystems/test_config.py +0 -0
  392. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/filesystems/test_cpio.py +0 -0
  393. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/filesystems/test_dir.py +0 -0
  394. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/filesystems/test_exfat.py +0 -0
  395. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/filesystems/test_fat.py +0 -0
  396. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/filesystems/test_ntfs.py +0 -0
  397. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/filesystems/test_overlay.py +0 -0
  398. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/filesystems/test_smb.py +0 -0
  399. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/filesystems/test_tar.py +0 -0
  400. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/filesystems/test_vmtar.py +0 -0
  401. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/filesystems/test_zip.py +0 -0
  402. {dissect_target-3.17.dev36/tests/plugins → dissect_target-3.18/tests/helpers}/__init__.py +0 -0
  403. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_cache.py +0 -0
  404. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_config.py +0 -0
  405. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_configutil.py +0 -0
  406. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_docs.py +0 -0
  407. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_fsutil.py +0 -0
  408. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_keychain.py +0 -0
  409. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_loaderutil.py +0 -0
  410. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_localeutil.py +0 -0
  411. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_record.py +0 -0
  412. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_regutil.py +0 -0
  413. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/helpers/test_utils.py +0 -0
  414. {dissect_target-3.17.dev36/tests/plugins/apps → dissect_target-3.18/tests/loaders}/__init__.py +0 -0
  415. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_asdf.py +0 -0
  416. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_cb.py +0 -0
  417. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_dir.py +0 -0
  418. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_hyperv.py +0 -0
  419. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_kape.py +0 -0
  420. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_local.py +0 -0
  421. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_log.py +0 -0
  422. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_multiraw.py +0 -0
  423. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_ova.py +0 -0
  424. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_overlay.py +0 -0
  425. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_ovf.py +0 -0
  426. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_phobos.py +0 -0
  427. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_pvm.py +0 -0
  428. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_pvs.py +0 -0
  429. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_remote.py +0 -0
  430. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_smb.py +0 -0
  431. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_tanium.py +0 -0
  432. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_tar.py +0 -0
  433. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_utm.py +0 -0
  434. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_vbox.py +0 -0
  435. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_velociraptor.py +0 -0
  436. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/loaders/test_vmwarevm.py +0 -0
  437. {dissect_target-3.17.dev36/tests/plugins/apps/av → dissect_target-3.18/tests/plugins}/__init__.py +0 -0
  438. {dissect_target-3.17.dev36/tests/plugins/apps/browser → dissect_target-3.18/tests/plugins/apps}/__init__.py +0 -0
  439. {dissect_target-3.17.dev36/tests/plugins/apps/container → dissect_target-3.18/tests/plugins/apps/av}/__init__.py +0 -0
  440. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/av/test_mcafee.py +0 -0
  441. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/av/test_sophos.py +0 -0
  442. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/av/test_symantec.py +0 -0
  443. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/av/test_trendmicro.py +0 -0
  444. {dissect_target-3.17.dev36/tests/plugins/apps/remoteaccess → dissect_target-3.18/tests/plugins/apps/browser}/__init__.py +0 -0
  445. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/browser/test_brave.py +0 -0
  446. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/browser/test_chrome.py +0 -0
  447. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/browser/test_chromium.py +0 -0
  448. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/browser/test_edge.py +0 -0
  449. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/browser/test_firefox.py +0 -0
  450. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/browser/test_iexplore.py +0 -0
  451. {dissect_target-3.17.dev36/tests/plugins/apps/shell → dissect_target-3.18/tests/plugins/apps/container}/__init__.py +0 -0
  452. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/container/test_docker.py +0 -0
  453. {dissect_target-3.17.dev36/tests/plugins/apps/ssh → dissect_target-3.18/tests/plugins/apps/remoteaccess}/__init__.py +0 -0
  454. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/remoteaccess/test_anydesk.py +0 -0
  455. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/remoteaccess/test_teamviewer.py +0 -0
  456. {dissect_target-3.17.dev36/tests/plugins/apps/vpn → dissect_target-3.18/tests/plugins/apps/shell}/__init__.py +0 -0
  457. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/shell/test_powershell.py +0 -0
  458. {dissect_target-3.17.dev36/tests/plugins/apps/webhosting → dissect_target-3.18/tests/plugins/apps/ssh}/__init__.py +0 -0
  459. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/ssh/test_openssh.py +0 -0
  460. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/ssh/test_opensshd.py +0 -0
  461. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/ssh/test_putty.py +0 -0
  462. {dissect_target-3.17.dev36/tests/plugins/apps/webserver → dissect_target-3.18/tests/plugins/apps/vpn}/__init__.py +0 -0
  463. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/vpn/test_openvpn.py +0 -0
  464. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/vpn/test_wireguard.py +0 -0
  465. {dissect_target-3.17.dev36/tests/plugins/child → dissect_target-3.18/tests/plugins/apps/webhosting}/__init__.py +0 -0
  466. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/webhosting/test_cpanel.py +0 -0
  467. {dissect_target-3.17.dev36/tests/plugins/filesystem → dissect_target-3.18/tests/plugins/apps/webserver}/__init__.py +0 -0
  468. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/webserver/test_apache.py +0 -0
  469. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/webserver/test_caddy.py +0 -0
  470. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/webserver/test_citrix.py +0 -0
  471. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/webserver/test_iis.py +0 -0
  472. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/webserver/test_nginx.py +0 -0
  473. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/apps/webserver/test_webserver.py +0 -0
  474. {dissect_target-3.17.dev36/tests/plugins/filesystem/ntfs → dissect_target-3.18/tests/plugins/child}/__init__.py +0 -0
  475. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/child/test_docker.py +0 -0
  476. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/child/test_hyperv.py +0 -0
  477. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/child/test_virtuozzo.py +0 -0
  478. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/child/test_wsl.py +0 -0
  479. {dissect_target-3.17.dev36/tests/plugins/filesystem/unix → dissect_target-3.18/tests/plugins/filesystem}/__init__.py +0 -0
  480. {dissect_target-3.17.dev36/tests/plugins/general → dissect_target-3.18/tests/plugins/filesystem/ntfs}/__init__.py +0 -0
  481. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/filesystem/ntfs/test_mft.py +0 -0
  482. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/filesystem/ntfs/test_usnjrnl.py +0 -0
  483. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/filesystem/test_acquire_handles.py +0 -0
  484. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/filesystem/test_acquire_hash.py +0 -0
  485. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/filesystem/test_icat.py +0 -0
  486. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/filesystem/test_resolver.py +0 -0
  487. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/filesystem/test_walkfs.py +0 -0
  488. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/filesystem/test_yara.py +0 -0
  489. {dissect_target-3.17.dev36/tests/plugins/os → dissect_target-3.18/tests/plugins/filesystem/unix}/__init__.py +0 -0
  490. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/filesystem/unix/test_capability.py +0 -0
  491. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/filesystem/unix/test_suid.py +0 -0
  492. {dissect_target-3.17.dev36/tests/plugins/os/unix → dissect_target-3.18/tests/plugins/general}/__init__.py +0 -0
  493. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/general/test_config.py +0 -0
  494. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/general/test_default.py +0 -0
  495. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/general/test_plugins.py +0 -0
  496. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/general/test_scrape.py +0 -0
  497. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/general/test_users.py +0 -0
  498. {dissect_target-3.17.dev36/tests/plugins/os/unix/bsd → dissect_target-3.18/tests/plugins/os}/__init__.py +0 -0
  499. {dissect_target-3.17.dev36/tests/plugins/os/unix/bsd/citrix → dissect_target-3.18/tests/plugins/os/unix}/__init__.py +0 -0
  500. {dissect_target-3.17.dev36/tests/plugins/os/unix/bsd/osx → dissect_target-3.18/tests/plugins/os/unix/bsd}/__init__.py +0 -0
  501. {dissect_target-3.17.dev36/tests/plugins/os/unix/esxi → dissect_target-3.18/tests/plugins/os/unix/bsd/citrix}/__init__.py +0 -0
  502. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/bsd/citrix/test__os.py +0 -0
  503. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/bsd/citrix/test_history.py +0 -0
  504. {dissect_target-3.17.dev36/tests/plugins/os/unix/linux → dissect_target-3.18/tests/plugins/os/unix/bsd/osx}/__init__.py +0 -0
  505. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/bsd/osx/test__os.py +0 -0
  506. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/bsd/osx/test_user.py +0 -0
  507. {dissect_target-3.17.dev36/tests/plugins/os/unix/linux/android → dissect_target-3.18/tests/plugins/os/unix/esxi}/__init__.py +0 -0
  508. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/esxi/test__os.py +0 -0
  509. {dissect_target-3.17.dev36/tests/plugins/os/unix/linux/debian → dissect_target-3.18/tests/plugins/os/unix/linux}/__init__.py +0 -0
  510. {dissect_target-3.17.dev36/tests/plugins/os/unix/linux/redhat → dissect_target-3.18/tests/plugins/os/unix/linux/android}/__init__.py +0 -0
  511. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/android/test__os.py +0 -0
  512. {dissect_target-3.17.dev36/tests/plugins/os/unix/linux/suse → dissect_target-3.18/tests/plugins/os/unix/linux/debian}/__init__.py +0 -0
  513. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/debian/test_apt.py +0 -0
  514. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/debian/test_dpkg.py +0 -0
  515. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/fortios/test_keys.py +0 -0
  516. {dissect_target-3.17.dev36/tests/plugins/os/unix/locate → dissect_target-3.18/tests/plugins/os/unix/linux/redhat}/__init__.py +0 -0
  517. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/redhat/test_yum.py +0 -0
  518. {dissect_target-3.17.dev36/tests/plugins/os/unix/log → dissect_target-3.18/tests/plugins/os/unix/linux/suse}/__init__.py +0 -0
  519. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/suse/test_zypper.py +0 -0
  520. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/test_cmdline.py +0 -0
  521. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/test_environ.py +0 -0
  522. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/test_iptables.py +0 -0
  523. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/test_modules.py +0 -0
  524. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/test_netstat.py +0 -0
  525. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/test_proc.py +0 -0
  526. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/test_processes.py +0 -0
  527. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/test_services.py +0 -0
  528. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/linux/test_sockets.py +0 -0
  529. {dissect_target-3.17.dev36/tests/plugins/os/windows → dissect_target-3.18/tests/plugins/os/unix/locate}/__init__.py +0 -0
  530. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/locate/test_gnulocate.py +0 -0
  531. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/locate/test_mlocate.py +0 -0
  532. {dissect_target-3.17.dev36/tests/plugins/os/windows/regf → dissect_target-3.18/tests/plugins/os/unix/log}/__init__.py +0 -0
  533. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/log/test_atop.py +0 -0
  534. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/log/test_audit.py +0 -0
  535. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/log/test_auth.py +0 -0
  536. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/log/test_lastlog.py +0 -0
  537. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/log/test_messages.py +0 -0
  538. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/log/test_utmp.py +0 -0
  539. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/test__os.py +0 -0
  540. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/test_generic.py +0 -0
  541. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/test_ips.py +0 -0
  542. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/test_journal.py +0 -0
  543. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/test_locale.py +0 -0
  544. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/test_packagemanager.py +0 -0
  545. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/test_shadow.py +0 -0
  546. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/test_users.py +0 -0
  547. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/unix/test_version.py +0 -0
  548. {dissect_target-3.17.dev36/tests/tools → dissect_target-3.18/tests/plugins/os/windows}/__init__.py +0 -0
  549. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/log/test_etl.py +0 -0
  550. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/log/test_evt.py +0 -0
  551. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/log/test_evtx.py +0 -0
  552. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/log/test_schedlgu.py +0 -0
  553. {dissect_target-3.17.dev36/tests/volumes → dissect_target-3.18/tests/plugins/os/windows/regf}/__init__.py +0 -0
  554. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/regf/test_appxdebugkeys.py +0 -0
  555. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/regf/test_clsid.py +0 -0
  556. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/regf/test_muicache.py +0 -0
  557. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/regf/test_trusteddocs.py +0 -0
  558. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/regf/test_userassist.py +0 -0
  559. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_adpolicy.py +0 -0
  560. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_amcache.py +0 -0
  561. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_catroot.py +0 -0
  562. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_clfs.py +0 -0
  563. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_credhist.py +0 -0
  564. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_datetime.py +0 -0
  565. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_dpapi.py +0 -0
  566. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_env.py +0 -0
  567. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_generic.py +0 -0
  568. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_lnk.py +0 -0
  569. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_locale.py +0 -0
  570. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_mru.py +0 -0
  571. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_notifications.py +0 -0
  572. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_registry.py +0 -0
  573. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_sam.py +0 -0
  574. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_shimcache.py +0 -0
  575. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_sru.py +0 -0
  576. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_syscache.py +0 -0
  577. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_tasks.py +0 -0
  578. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_thumbcache.py +0 -0
  579. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_ual.py +0 -0
  580. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/plugins/os/windows/test_wer.py +0 -0
  581. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/test_container.py +0 -0
  582. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/test_filesystem.py +0 -0
  583. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/test_plugin.py +0 -0
  584. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/test_registration.py +0 -0
  585. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/test_report.py +0 -0
  586. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/test_target.py +0 -0
  587. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/test_volume.py +0 -0
  588. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/tools/test_dump.py +0 -0
  589. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/tools/test_fs.py +0 -0
  590. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/tools/test_mount.py +0 -0
  591. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/tools/test_query.py +0 -0
  592. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/tools/test_reg.py +0 -0
  593. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/tools/test_shell.py +0 -0
  594. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/tools/test_utils.py +0 -0
  595. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/volumes/test_bde.py +0 -0
  596. {dissect_target-3.17.dev36 → dissect_target-3.18}/tests/volumes/test_md.py +0 -0
{dissect_target-3.17.dev36/dissect.target.egg-info → dissect_target-3.18}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: dissect.target
3
- Version: 3.17.dev36
3
+ Version: 3.18
4
4
  Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
5
5
  Author-email: Dissect Team <dissect@fox-it.com>
6
6
  License: Affero General Public License v3
@@ -23,39 +23,64 @@ Description-Content-Type: text/markdown
23
23
  License-File: LICENSE
24
24
  License-File: COPYRIGHT
25
25
  Requires-Dist: defusedxml
26
- Requires-Dist: dissect.cstruct<4.0.dev,>=3.0.dev
27
- Requires-Dist: dissect.eventlog<4.0.dev,>=3.0.dev
28
- Requires-Dist: dissect.evidence<4.0.dev,>=3.0.dev
29
- Requires-Dist: dissect.hypervisor<4.0.dev,>=3.0.dev
30
- Requires-Dist: dissect.ntfs<4.0.dev,>=3.4.dev
31
- Requires-Dist: dissect.regf<4.0.dev,>=3.3.dev
32
- Requires-Dist: dissect.util<4.0.dev,>=3.0.dev
33
- Requires-Dist: dissect.volume<4.0.dev,>=3.0.dev
34
- Requires-Dist: flow.record~=3.14.0
26
+ Requires-Dist: dissect.cstruct<5,>=4
27
+ Requires-Dist: dissect.eventlog<4,>=3
28
+ Requires-Dist: dissect.evidence<4,>=3
29
+ Requires-Dist: dissect.hypervisor<4,>=3
30
+ Requires-Dist: dissect.ntfs<4,>=3.4
31
+ Requires-Dist: dissect.regf<4,>=3.3
32
+ Requires-Dist: dissect.util<4,>=3
33
+ Requires-Dist: dissect.volume<4,>=2
34
+ Requires-Dist: flow.record~=3.15.0
35
35
  Requires-Dist: structlog
36
36
  Provides-Extra: full
37
37
  Requires-Dist: asn1crypto; extra == "full"
38
- Requires-Dist: dissect.btrfs<2.0.dev,>=1.0.dev; extra == "full"
39
- Requires-Dist: dissect.cim<4.0.dev,>=3.0.dev; extra == "full"
40
- Requires-Dist: dissect.clfs<2.0.dev,>=1.0.dev; extra == "full"
41
- Requires-Dist: dissect.esedb<4.0.dev,>=3.0.dev; extra == "full"
42
- Requires-Dist: dissect.etl<4.0.dev,>=3.0.dev; extra == "full"
43
- Requires-Dist: dissect.extfs<4.0.dev,>=3.0.dev; extra == "full"
44
- Requires-Dist: dissect.fat<4.0.dev,>=3.0.dev; extra == "full"
45
- Requires-Dist: dissect.ffs<4.0.dev,>=3.0.dev; extra == "full"
46
- Requires-Dist: dissect.jffs<2.0.dev,>=1.0.dev; extra == "full"
47
- Requires-Dist: dissect.shellitem<4.0.dev,>=3.0.dev; extra == "full"
48
- Requires-Dist: dissect.squashfs<2.0.dev,>=1.0.dev; extra == "full"
49
- Requires-Dist: dissect.sql<4.0.dev,>=3.0.dev; extra == "full"
50
- Requires-Dist: dissect.thumbcache<2.0.dev,>=1.0.dev; extra == "full"
51
- Requires-Dist: dissect.vmfs<4.0.dev,>=3.0.dev; extra == "full"
52
- Requires-Dist: dissect.xfs<4.0.dev,>=3.0.dev; extra == "full"
38
+ Requires-Dist: dissect.btrfs<2,>=1; extra == "full"
39
+ Requires-Dist: dissect.cim<4,>=3; extra == "full"
40
+ Requires-Dist: dissect.clfs<2,>=1; extra == "full"
41
+ Requires-Dist: dissect.esedb<4,>=3; extra == "full"
42
+ Requires-Dist: dissect.etl<4,>=3; extra == "full"
43
+ Requires-Dist: dissect.extfs<4,>=3; extra == "full"
44
+ Requires-Dist: dissect.fat<4,>=3; extra == "full"
45
+ Requires-Dist: dissect.ffs<4,>=3; extra == "full"
46
+ Requires-Dist: dissect.jffs<2,>=1; extra == "full"
47
+ Requires-Dist: dissect.shellitem<4,>=3; extra == "full"
48
+ Requires-Dist: dissect.squashfs<2,>=1; extra == "full"
49
+ Requires-Dist: dissect.sql<4,>=3; extra == "full"
50
+ Requires-Dist: dissect.thumbcache<2,>=1; extra == "full"
51
+ Requires-Dist: dissect.vmfs<4,>=3; extra == "full"
52
+ Requires-Dist: dissect.xfs<4,>=3; extra == "full"
53
53
  Requires-Dist: ipython; extra == "full"
54
54
  Requires-Dist: fusepy; extra == "full"
55
55
  Requires-Dist: pycryptodome; extra == "full"
56
56
  Requires-Dist: ruamel.yaml; extra == "full"
57
57
  Requires-Dist: tomli; python_version < "3.11" and extra == "full"
58
58
  Requires-Dist: zstandard; extra == "full"
59
+ Provides-Extra: dev
60
+ Requires-Dist: dissect.target[full,mqtt,yara]; extra == "dev"
61
+ Requires-Dist: dissect.btrfs[dev]<2.0.dev,>=1.0.dev; extra == "dev"
62
+ Requires-Dist: dissect.cim[dev]<4.0.dev,>=3.0.dev; extra == "dev"
63
+ Requires-Dist: dissect.clfs[dev]<2.0.dev,>=1.0.dev; extra == "dev"
64
+ Requires-Dist: dissect.cstruct<5.0.dev,>=4.0.dev; extra == "dev"
65
+ Requires-Dist: dissect.esedb[dev]<4.0.dev,>=3.0.dev; extra == "dev"
66
+ Requires-Dist: dissect.etl[dev]<4.0.dev,>=3.0.dev; extra == "dev"
67
+ Requires-Dist: dissect.eventlog[dev]<4.0.dev,>=3.0.dev; extra == "dev"
68
+ Requires-Dist: dissect.evidence[dev]<4.0.dev,>=3.0.dev; extra == "dev"
69
+ Requires-Dist: dissect.extfs[dev]<4.0.dev,>=3.0.dev; extra == "dev"
70
+ Requires-Dist: dissect.fat[dev]<4.0.dev,>=3.0.dev; extra == "dev"
71
+ Requires-Dist: dissect.ffs[dev]<4.0.dev,>=3.0.dev; extra == "dev"
72
+ Requires-Dist: dissect.hypervisor[dev]<4.0.dev,>=3.0.dev; extra == "dev"
73
+ Requires-Dist: dissect.jffs[dev]<2.0.dev,>=1.0.dev; extra == "dev"
74
+ Requires-Dist: dissect.ntfs[dev]<4.0.dev,>=3.4.dev; extra == "dev"
75
+ Requires-Dist: dissect.regf[dev]<4.0.dev,>=3.3.dev; extra == "dev"
76
+ Requires-Dist: dissect.shellitem[dev]<4.0.dev,>=3.0.dev; extra == "dev"
77
+ Requires-Dist: dissect.sql[dev]<4.0.dev,>=3.0.dev; extra == "dev"
78
+ Requires-Dist: dissect.squashfs[dev]<2.0.dev,>=1.0.dev; extra == "dev"
79
+ Requires-Dist: dissect.thumbcache[dev]<2.0.dev,>=1.0.dev; extra == "dev"
80
+ Requires-Dist: dissect.util<4.0.dev,>=3.0.dev; extra == "dev"
81
+ Requires-Dist: dissect.vmfs[dev]<4.0.dev,>=3.0.dev; extra == "dev"
82
+ Requires-Dist: dissect.volume[dev]<4.0.dev,>=3.0.dev; extra == "dev"
83
+ Requires-Dist: dissect.xfs[dev]<4.0.dev,>=3.0.dev; extra == "dev"
59
84
  Provides-Extra: yara
60
85
  Requires-Dist: dissect.target[full]; extra == "yara"
61
86
  Requires-Dist: yara-python; extra == "yara"
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/exceptions.py RENAMED
@@ -114,3 +114,7 @@ class RegistryCorruptError(RegistryError):
114
114
 
115
115
  class ConfigurationParsingError(Error):
116
116
  """An error occurred during configuration parsing."""
117
+
118
+
119
+ class TargetPathNotFoundError(TargetError):
120
+ """The path to the target does not exist."""
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/filesystem.py RENAMED
@@ -6,7 +6,6 @@ import logging
6
6
  import os
7
7
  import pathlib
8
8
  import stat
9
- import warnings
10
9
  from collections import defaultdict
11
10
  from typing import TYPE_CHECKING, Any, BinaryIO, Callable, Iterator, Optional, Type
12
11
 
@@ -67,15 +66,6 @@ class Filesystem:
67
66
  def __repr__(self) -> str:
68
67
  return f"<{self.__class__.__name__}>"
69
68
 
70
- @classmethod
71
- @property
72
- def __fstype__(cls) -> str:
73
- warnings.warn(
74
- "The __fstype__ attribute is deprecated and will be removed in dissect.target 3.15. Use __type__ instead",
75
- category=DeprecationWarning,
76
- )
77
- return cls.__type__
78
-
79
69
  def path(self, *args) -> fsutil.TargetPath:
80
70
  """Instantiate a new path-like object on this filesystem."""
81
71
  return fsutil.TargetPath(self, *args)
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/cache.py RENAMED
@@ -147,7 +147,9 @@ class Cache:
147
147
  if os.access(cache_file, os.R_OK, effective_ids=bool(os.supports_effective_ids)):
148
148
  if os.stat(cache_file).st_size != 0:
149
149
  try:
150
- return self.open_reader(cache_file, output)
150
+ reader = self.open_reader(cache_file, output)
151
+ target.log.info("Using cache for function: %s", self.fname)
152
+ return reader
151
153
  except Exception as e:
152
154
  target.log.warning("Cache will NOT be used. Error opening cache file: %s", cache_file)
153
155
  target.log.debug("", exc_info=e)
dissect_target-3.18/dissect/target/helpers/hashutil.py ADDED
@@ -0,0 +1,47 @@
1
+ from __future__ import annotations
2
+
3
+ import hashlib
4
+ from typing import TYPE_CHECKING, BinaryIO, Union
5
+
6
+ if TYPE_CHECKING:
7
+ from hashlib._hashlib import HASH
8
+
9
+ BUFFER_SIZE = 32768
10
+
11
+
12
+ def _hash(fh: BinaryIO, ctx: Union[HASH, list[HASH]]) -> tuple[str]:
13
+ if not isinstance(ctx, list):
14
+ ctx = [ctx]
15
+
16
+ ctx = [c() for c in ctx]
17
+ data = fh.read(BUFFER_SIZE)
18
+ while data:
19
+ [c.update(data) for c in ctx]
20
+ data = fh.read(BUFFER_SIZE)
21
+
22
+ return tuple(c.hexdigest() for c in ctx)
23
+
24
+
25
+ def md5(fh: BinaryIO) -> tuple[str]:
26
+ return _hash(fh, hashlib.md5)[0]
27
+
28
+
29
+ def sha1(fh: BinaryIO) -> tuple[str]:
30
+ return _hash(fh, hashlib.sha1)[0]
31
+
32
+
33
+ def sha256(fh: BinaryIO) -> tuple[str]:
34
+ return _hash(fh, hashlib.sha256)[0]
35
+
36
+
37
+ def common(fh: BinaryIO) -> tuple[str]:
38
+ return _hash(fh, [hashlib.md5, hashlib.sha1, hashlib.sha256])
39
+
40
+
41
+ def custom(fh: BinaryIO, algos: list[Union[str, HASH]]) -> tuple[str]:
42
+ if isinstance(algos[0], str):
43
+ ctx = [getattr(hashlib, h) for h in algos]
44
+ else:
45
+ ctx = algos
46
+
47
+ return _hash(fh, ctx)
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/protobuf.py RENAMED
@@ -3,30 +3,26 @@ from __future__ import annotations
3
3
  from typing import Any, BinaryIO
4
4
 
5
5
  from dissect.cstruct.types.base import BaseType
6
- from dissect.cstruct.types.bytesinteger import BytesInteger
7
6
 
8
7
 
9
- class ProtobufVarint(BytesInteger):
8
+ class ProtobufVarint(BaseType):
10
9
  """Implements a protobuf integer type for dissect.cstruct that can span a variable amount of bytes.
11
10
 
12
- Mainly follows the cstruct BytesInteger implementation with minor tweaks
13
- to support protobuf's msb varint implementation.
11
+ Supports protobuf's msb varint implementation.
14
12
 
15
13
  Resources:
16
14
  - https://protobuf.dev/programming-guides/encoding/
17
15
  - https://github.com/protocolbuffers/protobuf/blob/main/python/google/protobuf/internal/decoder.py
18
16
  """
19
17
 
20
- def _read(self, stream: BinaryIO, context: dict[str, Any] = None) -> int:
18
+ @classmethod
19
+ def _read(cls, stream: BinaryIO, context: dict[str, Any] = None) -> int:
21
20
  return decode_varint(stream)
22
21
 
23
- def _write(self, stream: BinaryIO, data: int) -> int:
22
+ @classmethod
23
+ def _write(cls, stream: BinaryIO, data: int) -> int:
24
24
  return stream.write(encode_varint(data))
25
25
 
26
- _read_array = BaseType._read_array
27
-
28
- _write_array = BaseType._write_array
29
-
30
26
 
31
27
  def decode_varint(stream: BinaryIO) -> int:
32
28
  """Reads a varint from the provided buffer stream.
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/record_modifier.py RENAMED
@@ -62,13 +62,16 @@ MODIFIER_MAPPING = {
62
62
 
63
63
  def _resolve_path_types(target: Target, record: Record) -> Iterator[tuple[str, TargetPath]]:
64
64
  for field_name, field_type in record._field_types.items():
65
- if not issubclass(field_type, fieldtypes.path):
65
+ if not issubclass(field_type, (fieldtypes.path, fieldtypes.command)):
66
66
  continue
67
67
 
68
68
  path = getattr(record, field_name, None)
69
69
  if path is None:
70
70
  continue
71
71
 
72
+ if isinstance(path, fieldtypes.command):
73
+ path = path.executable
74
+
72
75
  yield field_name, target.resolve(str(path))
73
76
 
74
77
 
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/helpers/ssh.py RENAMED
@@ -1,9 +1,9 @@
1
1
  import base64
2
2
  import binascii
3
3
 
4
- from dissect import cstruct
4
+ from dissect.cstruct import cstruct
5
5
 
6
- c_rfc4716_def = """
6
+ rfc4716_def = """
7
7
  struct ssh_string {
8
8
  uint32 length;
9
9
  char value[length];
@@ -23,8 +23,7 @@ struct ssh_private_key {
23
23
  }
24
24
  """
25
25
 
26
- c_rfc4716 = cstruct.cstruct(endian=">")
27
- c_rfc4716.load(c_rfc4716_def)
26
+ c_rfc4716 = cstruct(endian=">").load(rfc4716_def)
28
27
 
29
28
  RFC4716_MARKER_START = b"-----BEGIN OPENSSH PRIVATE KEY-----"
30
29
  RFC4716_MARKER_END = b"-----END OPENSSH PRIVATE KEY-----"
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/mqtt.py RENAMED
@@ -1,13 +1,18 @@
1
1
  from __future__ import annotations
2
2
 
3
+ import atexit
3
4
  import logging
5
+ import math
6
+ import os
4
7
  import ssl
8
+ import sys
5
9
  import time
6
10
  import urllib
7
11
  from dataclasses import dataclass
8
12
  from functools import lru_cache
9
13
  from pathlib import Path
10
14
  from struct import pack, unpack_from
15
+ from threading import Thread
11
16
  from typing import Any, Callable, Iterator, Optional, Union
12
17
 
13
18
  import paho.mqtt.client as mqtt
@@ -51,6 +56,34 @@ class SeekMessage:
51
56
  data: bytes = b""
52
57
 
53
58
 
59
+ class MQTTTransferRatePerSecond:
60
+ def __init__(self, window_size: int = 10):
61
+ self.window_size = window_size
62
+ self.timestamps = []
63
+ self.bytes = []
64
+
65
+ def record(self, timestamp: float, byte_count: int) -> MQTTTransferRatePerSecond:
66
+ while self.timestamps and (timestamp - self.timestamps[0] > self.window_size):
67
+ self.timestamps.pop(0)
68
+ self.bytes.pop(0)
69
+
70
+ self.timestamps.append(timestamp)
71
+ self.bytes.append(byte_count)
72
+ return self
73
+
74
+ def value(self, current_time: float) -> float:
75
+ if not self.timestamps:
76
+ return 0
77
+
78
+ elapsed_time = current_time - self.timestamps[0]
79
+ if elapsed_time == 0:
80
+ return 0
81
+
82
+ total_bytes = self.bytes[-1] - self.bytes[0]
83
+
84
+ return total_bytes / elapsed_time
85
+
86
+
54
87
  class MQTTStream(AlignedStream):
55
88
  def __init__(self, stream: MQTTConnection, disk_id: int, size: Optional[int] = None):
56
89
  self.stream = stream
@@ -62,12 +95,108 @@ class MQTTStream(AlignedStream):
62
95
  return data
63
96
 
64
97
 
98
+ class MQTTDiagnosticLine:
99
+ def __init__(self, connection: MQTTConnection, total_peers: int):
100
+ self.connection = connection
101
+ self.total_peers = total_peers
102
+ self._columns, self._rows = os.get_terminal_size(0)
103
+ atexit.register(self._detach)
104
+ self._attach()
105
+
106
+ def _attach(self) -> None:
107
+ # save cursor position
108
+ sys.stderr.write("\0337")
109
+ # set top and bottom margins of the scrolling region to default
110
+ sys.stderr.write("\033[r")
111
+ # restore cursor position
112
+ sys.stderr.write("\0338")
113
+ # move cursor down one line in the same column; if at the bottom, the screen scrolls up
114
+ sys.stderr.write("\033D")
115
+ # move cursor up one line in the same column; if at the top, screen scrolls down
116
+ sys.stderr.write("\033M")
117
+ # save cursor position again
118
+ sys.stderr.write("\0337")
119
+ # restrict scrolling to a region from the first line to one before the last line
120
+ sys.stderr.write(f"\033[1;{self._rows - 1}r")
121
+ # restore cursor position after setting scrolling region
122
+ sys.stderr.write("\0338")
123
+
124
+ def _detach(self) -> None:
125
+ # save cursor position
126
+ sys.stderr.write("\0337")
127
+ # move cursor to the specified position (last line, first column)
128
+ sys.stderr.write(f"\033[{self._rows};1H")
129
+ # clear from cursor to end of the line
130
+ sys.stderr.write("\033[K")
131
+ # reset scrolling region to include the entire display
132
+ sys.stderr.write("\033[r")
133
+ # restore cursor position
134
+ sys.stderr.write("\0338")
135
+ # ensure the written content is displayed (flush output)
136
+ sys.stderr.flush()
137
+
138
+ def display(self) -> None:
139
+ # prepare: set background color to blue and text color to white at the beginning of the line
140
+ prefix = "\x1b[44m\x1b[37m\r"
141
+ # reset all attributes (colors, styles) to their defaults afterwards
142
+ suffix = "\x1b[0m"
143
+ # separator to set background color to red and text style to bold
144
+ separator = "\x1b[41m\x1b[1m"
145
+ logo = "TARGETD"
146
+
147
+ start = time.time()
148
+ transfer_rate = MQTTTransferRatePerSecond(window_size=7)
149
+
150
+ while True:
151
+ time.sleep(0.05)
152
+ peers = "?"
153
+ try:
154
+ peers = len(self.connection.broker.peers(self.connection.host))
155
+ except Exception:
156
+ pass
157
+
158
+ recv = self.connection.broker.bytes_received
159
+ now = time.time()
160
+ transfer = transfer_rate.record(now, recv).value(now) / 1000 # convert to KB/s
161
+ failures = self.connection.retries
162
+ seconds_elapsed = round(now - start) % 60
163
+ minutes_elapsed = math.floor((now - start) / 60) % 60
164
+ hours_elapsed = math.floor((now - start) / 60**2)
165
+ timer = f"{hours_elapsed:02d}:{minutes_elapsed:02d}:{seconds_elapsed:02d}"
166
+ display = f"{timer} {peers}/{self.total_peers} peers {transfer:>8.2f} KB p/s {failures:>4} failures"
167
+ rest = self._columns - len(display)
168
+ padding = (rest - len(logo)) * " "
169
+
170
+ # save cursor position
171
+ sys.stderr.write("\0337")
172
+ # move cursor to specified position (last line, first column)
173
+ sys.stderr.write(f"\033[{self._rows};1H")
174
+ # disable line wrapping
175
+ sys.stderr.write("\033[?7l")
176
+ # reset all attributes
177
+ sys.stderr.write("\033[0m")
178
+ # write the display line with prefix, calculated display content, padding, separator, and logo
179
+ sys.stderr.write(prefix + display + padding + separator + logo + suffix)
180
+ # enable line wrapping again
181
+ sys.stderr.write("\033[?7h")
182
+ # restore cursor position
183
+ sys.stderr.write("\0338")
184
+ # flush output to ensure it is displayed
185
+ sys.stderr.flush()
186
+
187
+ def start(self) -> None:
188
+ t = Thread(target=self.display)
189
+ t.daemon = True
190
+ t.start()
191
+
192
+
65
193
  class MQTTConnection:
66
194
  broker = None
67
195
  host = None
68
196
  prev = -1
69
197
  factor = 1
70
198
  prefetch_factor_inc = 10
199
+ retries = 0
71
200
 
72
201
  def __init__(self, broker: Broker, host: str):
73
202
  self.broker = broker
@@ -125,6 +254,7 @@ class MQTTConnection:
125
254
  # message might have not reached agent, resend...
126
255
  self.broker.seek(self.host, disk_id, offset, flength, optimization_strategy)
127
256
  attempts = 0
257
+ self.retries += 1
128
258
 
129
259
  return message.data
130
260
 
@@ -138,6 +268,8 @@ class Broker:
138
268
  mqtt_client = None
139
269
  connected = False
140
270
  case = None
271
+ bytes_received = 0
272
+ monitor = False
141
273
 
142
274
  diskinfo = {}
143
275
  index = {}
@@ -217,6 +349,9 @@ class Broker:
217
349
  if casename != self.case:
218
350
  return
219
351
 
352
+ if self.monitor:
353
+ self.bytes_received += len(msg.payload)
354
+
220
355
  if response == "DISKS":
221
356
  self._on_disk(hostname, msg.payload)
222
357
  elif response == "READ":
@@ -238,9 +373,12 @@ class Broker:
238
373
  self.mqtt_client.publish(f"{self.case}/{host}/INFO")
239
374
 
240
375
  def topology(self, host: str) -> None:
241
- self.topo[host] = []
376
+ if host not in self.topo:
377
+ self.topo[host] = []
242
378
  self.mqtt_client.subscribe(f"{self.case}/{host}/ID")
243
379
  time.sleep(1) # need some time to avoid race condition, i.e. MQTT might react too fast
380
+ # send a simple clear command (invalid, just clears the prev. msg) just in case TOPO is stale
381
+ self.mqtt_client.publish(f"{self.case}/{host}/CLR")
244
382
  self.mqtt_client.publish(f"{self.case}/{host}/TOPO")
245
383
 
246
384
  def connect(self) -> None:
@@ -272,6 +410,7 @@ class Broker:
272
410
  @arg("--mqtt-crt", dest="crt", help="client certificate file")
273
411
  @arg("--mqtt-ca", dest="ca", help="certificate authority file")
274
412
  @arg("--mqtt-command", dest="command", help="direct command to client(s)")
413
+ @arg("--mqtt-diag", action="store_true", dest="diag", help="show MQTT diagnostic information")
275
414
  class MQTTLoader(Loader):
276
415
  """Load remote targets through a broker."""
277
416
 
@@ -292,6 +431,7 @@ class MQTTLoader(Loader):
292
431
  def find_all(path: Path, **kwargs) -> Iterator[str]:
293
432
  cls = MQTTLoader
294
433
  num_peers = 1
434
+
295
435
  if cls.broker is None:
296
436
  if (uri := kwargs.get("parsed_path")) is None:
297
437
  raise LoaderError("No URI connection details have been passed.")
@@ -299,8 +439,13 @@ class MQTTLoader(Loader):
299
439
  cls.broker = Broker(**options)
300
440
  cls.broker.connect()
301
441
  num_peers = int(options.get("peers", 1))
442
+ cls.connection = MQTTConnection(cls.broker, path)
443
+ if options.get("diag", None):
444
+ cls.broker.monitor = True
445
+ MQTTDiagnosticLine(cls.connection, num_peers).start()
446
+ else:
447
+ cls.connection = MQTTConnection(cls.broker, path)
302
448
 
303
- cls.connection = MQTTConnection(cls.broker, path)
304
449
  cls.peers = cls.connection.topo(num_peers)
305
450
  yield from cls.peers
306
451
 
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/loaders/raw.py RENAMED
@@ -1,6 +1,7 @@
1
1
  from pathlib import Path
2
2
 
3
3
  from dissect.target import container
4
+ from dissect.target.exceptions import TargetPathNotFoundError
4
5
  from dissect.target.loader import Loader
5
6
  from dissect.target.target import Target
6
7
 
@@ -8,6 +9,12 @@ from dissect.target.target import Target
8
9
  class RawLoader(Loader):
9
10
  """Load raw container files such as disk images."""
10
11
 
12
+ def __init__(self, path: Path, **kwargs):
13
+ if not path.exists():
14
+ raise TargetPathNotFoundError("Provided target path does not exist")
15
+
16
+ super().__init__(path, **kwargs)
17
+
11
18
  @staticmethod
12
19
  def detect(path: Path) -> bool:
13
20
  return not path.is_dir()
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/av/mcafee.py RENAMED
@@ -71,6 +71,9 @@ class McAfeePlugin(Plugin):
71
71
  """Return msc log history records from McAfee.
72
72
 
73
73
  Yields McAfeeMscLogRecord with the following fields:
74
+
75
+ .. code-block:: text
76
+
74
77
  hostname (string): The target hostname.
75
78
  domain (string): The target domain.
76
79
  ts (datetime): timestamp.
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/av/sophos.py RENAMED
@@ -56,6 +56,9 @@ class SophosPlugin(Plugin):
56
56
  """Return alert log records from Sophos Hitman Pro/Alert.
57
57
 
58
58
  Yields HitmanAlertRecord with the following fields:
59
+
60
+ .. code-block:: text
61
+
59
62
  ts (datetime): Timestamp.
60
63
  alert (string): Type of Alert.
61
64
  description (string): Short description of the alert.
@@ -85,6 +88,9 @@ class SophosPlugin(Plugin):
85
88
  """Return log history records from Sophos Home.
86
89
 
87
90
  Yields SophosLogRecord with the following fields:
91
+
92
+ .. code-block:: text
93
+
88
94
  ts (datetime): Timestamp.
89
95
  description (string): Short description of the alert.
90
96
  path (path): Path to the infected file (if available).
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/av/symantec.py RENAMED
@@ -293,6 +293,9 @@ class SymantecPlugin(Plugin):
293
293
  """Return log records.
294
294
 
295
295
  Yields SEPLogRecord with the following fields:
296
+
297
+ .. code-block:: text
298
+
296
299
  ts (datetime): Timestamp associated with the event.
297
300
  virus (string): Name of the virus.
298
301
  user (string): Name of the user associated with the event.
@@ -326,6 +329,9 @@ class SymantecPlugin(Plugin):
326
329
  """Return log firewall records.
327
330
 
328
331
  Yields SEPFirewallRecord with the following fields:
332
+
333
+ .. code-block:: text
334
+
329
335
  ts (datetime): Timestamp associated with the event.
330
336
  protocol (string): Protocol name associated with the firewall record.
331
337
  local_ip ("net.ipaddress"): Local IP address associated with the event.
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/av/trendmicro.py RENAMED
@@ -1,6 +1,6 @@
1
1
  from typing import Iterator
2
2
 
3
- from dissect import cstruct
3
+ from dissect.cstruct import cstruct
4
4
  from dissect.util.ts import from_unix
5
5
 
6
6
  from dissect.target import Target
@@ -47,8 +47,7 @@ struct firewall_entry {
47
47
  char _pad3[10];
48
48
  };
49
49
  """
50
- c_pfwlog = cstruct.cstruct()
51
- c_pfwlog.load(pfwlog_def)
50
+ c_pfwlog = cstruct().load(pfwlog_def)
52
51
 
53
52
 
54
53
  class TrendMicroPlugin(Plugin):
@@ -71,6 +70,9 @@ class TrendMicroPlugin(Plugin):
71
70
  """Return Trend Micro Worry-free log history records.
72
71
 
73
72
  Yields TrendMicroWFLogRecord with the following fields:
73
+
74
+ .. code-block:: text
75
+
74
76
  hostname (string): The target hostname.
75
77
  domain (string): The target domain.
76
78
  ts (datetime): timestamp.
@@ -94,6 +96,9 @@ class TrendMicroPlugin(Plugin):
94
96
  """Return Trend Micro Worry-free firewall log history records.
95
97
 
96
98
  Yields TrendMicroWFFirewallRecord with the following fields:
99
+
100
+ .. code-block:: text
101
+
97
102
  hostname (string): The target hostname.
98
103
  domain (string): The target domain.
99
104
  ts (datetime): timestamp.
{dissect_target-3.17.dev36 → dissect_target-3.18}/dissect/target/plugins/apps/browser/chromium.py RENAMED
@@ -148,6 +148,9 @@ class ChromiumMixin:
148
148
  browser_name: The name of the browser as a string.
149
149
 
150
150
  Yields:
151
+
152
+ .. code-block:: text
153
+
151
154
  Records with the following fields:
152
155
  ts (datetime): Visit timestamp.
153
156
  browser (string): The browser from which the records are generated from.
@@ -209,6 +212,9 @@ class ChromiumMixin:
209
212
  browser_name: The name of the browser as a string.
210
213
 
211
214
  Yields:
215
+
216
+ .. code-block:: text
217
+
212
218
  Records with the following fields:
213
219
  ts_created (datetime): Cookie created timestamp.
214
220
  ts_last_accessed (datetime): Cookie last accessed timestamp.
@@ -284,6 +290,9 @@ class ChromiumMixin:
284
290
  browser_name: The name of the browser as a string.
285
291
 
286
292
  Yields:
293
+
294
+ .. code-block:: text
295
+
287
296
  Records with the following fields:
288
297
  ts_start (datetime): Download start timestamp.
289
298
  ts_end (datetime): Download end timestamp.
@@ -344,6 +353,9 @@ class ChromiumMixin:
344
353
  browser_name (str): Name of the browser to scan for extensions.
345
354
 
346
355
  Yields:
356
+
357
+ .. code-block:: text
358
+
347
359
  Records with the following fields:
348
360
  ts_install (datetime): Extension install timestamp.
349
361
  ts_update (datetime): Extension update timestamp.