dissect.target 3.8.dev31__tar.gz → 3.8.dev32__tar.gz

Sign up to get free protection for your applications and to get access to all the features.
Files changed (489) hide show
  1. {dissect.target-3.8.dev31/dissect.target.egg-info → dissect.target-3.8.dev32}/PKG-INFO +1 -1
  2. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/browsers/browser.py +69 -14
  3. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/browsers/chrome.py +15 -4
  4. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/browsers/chromium.py +77 -7
  5. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/browsers/edge.py +15 -4
  6. dissect.target-3.8.dev32/dissect/target/plugins/browsers/firefox.py +219 -0
  7. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/browsers/iexplore.py +90 -15
  8. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32/dissect.target.egg-info}/PKG-INFO +1 -1
  9. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect.target.egg-info/SOURCES.txt +6 -5
  10. dissect.target-3.8.dev32/tests/data/places.sqlite +0 -0
  11. dissect.target-3.8.dev31/tests/data/edge-history.sqlite → dissect.target-3.8.dev32/tests/data/plugins/browsers/chrome/History.sqlite +0 -0
  12. dissect.target-3.8.dev31/tests/data/chrome-history.sqlite → dissect.target-3.8.dev32/tests/data/plugins/browsers/edge/History.sqlite +0 -0
  13. dissect.target-3.8.dev32/tests/data/plugins/browsers/iexplore/WebCacheV01.dat.gz +0 -0
  14. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_browsers.py +42 -12
  15. dissect.target-3.8.dev31/dissect/target/plugins/browsers/firefox.py +0 -116
  16. dissect.target-3.8.dev31/tests/data/WebCacheV01.dat.gz +0 -0
  17. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/COPYRIGHT +0 -0
  18. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/LICENSE +0 -0
  19. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/MANIFEST.in +0 -0
  20. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/README.md +0 -0
  21. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/__init__.py +0 -0
  22. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/container.py +0 -0
  23. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/containers/__init__.py +0 -0
  24. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/containers/asdf.py +0 -0
  25. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/containers/ewf.py +0 -0
  26. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/containers/qcow2.py +0 -0
  27. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/containers/raw.py +0 -0
  28. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/containers/split.py +0 -0
  29. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/containers/vdi.py +0 -0
  30. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/containers/vhd.py +0 -0
  31. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/containers/vhdx.py +0 -0
  32. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/containers/vmdk.py +0 -0
  33. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/data/autocompletion/target_bash_completion.sh +0 -0
  34. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/exceptions.py +0 -0
  35. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystem.py +0 -0
  36. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/__init__.py +0 -0
  37. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/ad1.py +0 -0
  38. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/cb.py +0 -0
  39. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/dir.py +0 -0
  40. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/exfat.py +0 -0
  41. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/extfs.py +0 -0
  42. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/fat.py +0 -0
  43. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/ffs.py +0 -0
  44. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/itunes.py +0 -0
  45. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/ntfs.py +0 -0
  46. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/tar.py +0 -0
  47. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/vmfs.py +0 -0
  48. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/xfs.py +0 -0
  49. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/filesystems/zip.py +0 -0
  50. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/__init__.py +0 -0
  51. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/cache.py +0 -0
  52. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/config.py +0 -0
  53. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/data/windowsZones.xml +0 -0
  54. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/descriptor_extensions.py +0 -0
  55. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/docs.py +0 -0
  56. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/fsutil.py +0 -0
  57. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/hashutil.py +0 -0
  58. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/keychain.py +0 -0
  59. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/lazy.py +0 -0
  60. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/loaderutil.py +0 -0
  61. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/localeutil.py +0 -0
  62. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/mount.py +0 -0
  63. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/network_managers.py +0 -0
  64. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/record.py +0 -0
  65. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/regutil.py +0 -0
  66. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/shell_folder_ids.py +0 -0
  67. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/ssh.py +0 -0
  68. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/helpers/utils.py +0 -0
  69. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loader.py +0 -0
  70. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/__init__.py +0 -0
  71. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/ad1.py +0 -0
  72. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/asdf.py +0 -0
  73. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/cb.py +0 -0
  74. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/dir.py +0 -0
  75. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/ewf.py +0 -0
  76. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/hyperv.py +0 -0
  77. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/itunes.py +0 -0
  78. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/kape.py +0 -0
  79. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/local.py +0 -0
  80. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/ovf.py +0 -0
  81. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/phobos.py +0 -0
  82. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/profile.py +0 -0
  83. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/raw.py +0 -0
  84. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/remote.py +0 -0
  85. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/res.py +0 -0
  86. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/tanium.py +0 -0
  87. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/tar.py +0 -0
  88. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/target.py +0 -0
  89. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/vb.py +0 -0
  90. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/vbox.py +0 -0
  91. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/velociraptor.py +0 -0
  92. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/vma.py +0 -0
  93. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/vmx.py +0 -0
  94. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/loaders/xva.py +0 -0
  95. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugin.py +0 -0
  96. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/__init__.py +0 -0
  97. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/__init__.py +0 -0
  98. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/containers/__init__.py +0 -0
  99. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/containers/docker.py +0 -0
  100. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/remoteaccess/__init__.py +0 -0
  101. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/remoteaccess/anydesk.py +0 -0
  102. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/remoteaccess/remoteaccess.py +0 -0
  103. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/remoteaccess/teamviewer.py +0 -0
  104. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/vpns/__init__.py +0 -0
  105. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/vpns/wireguard.py +0 -0
  106. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/webservers/__init__.py +0 -0
  107. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/webservers/apache.py +0 -0
  108. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/webservers/caddy.py +0 -0
  109. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/webservers/iis.py +0 -0
  110. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/webservers/nginx.py +0 -0
  111. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/apps/webservers/webservers.py +0 -0
  112. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/browsers/__init__.py +0 -0
  113. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/child/__init__.py +0 -0
  114. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/child/esxi.py +0 -0
  115. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/child/hyperv.py +0 -0
  116. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/child/virtuozzo.py +0 -0
  117. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/child/vmware_workstation.py +0 -0
  118. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/child/wsl.py +0 -0
  119. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/__init__.py +0 -0
  120. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/acquire_handles.py +0 -0
  121. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/acquire_hash.py +0 -0
  122. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/icat.py +0 -0
  123. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/ntfs/__init__.py +0 -0
  124. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/ntfs/mft.py +0 -0
  125. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/ntfs/mft_timeline.py +0 -0
  126. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/ntfs/usnjrnl.py +0 -0
  127. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/ntfs/utils.py +0 -0
  128. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/resolver.py +0 -0
  129. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/unix/__init__.py +0 -0
  130. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/unix/capability.py +0 -0
  131. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/unix/suid.py +0 -0
  132. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/walkfs.py +0 -0
  133. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/filesystem/yara.py +0 -0
  134. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/general/__init__.py +0 -0
  135. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/general/default.py +0 -0
  136. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/general/example.py +0 -0
  137. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/general/loaders.py +0 -0
  138. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/general/plugins.py +0 -0
  139. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/general/scrape.py +0 -0
  140. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/general/users.py +0 -0
  141. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/__init__.py +0 -0
  142. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/__init__.py +0 -0
  143. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/_os.py +0 -0
  144. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/bsd/_os.py +0 -0
  145. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/bsd/freebsd/__init__.py +0 -0
  146. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/bsd/freebsd/_os.py +0 -0
  147. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/bsd/ios/__init__.py +0 -0
  148. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/bsd/ios/_os.py +0 -0
  149. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/bsd/openbsd/__init__.py +0 -0
  150. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/bsd/openbsd/_os.py +0 -0
  151. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/bsd/osx/__init__.py +0 -0
  152. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/bsd/osx/_os.py +0 -0
  153. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/cronjobs.py +0 -0
  154. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/datetime.py +0 -0
  155. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/generic.py +0 -0
  156. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/history.py +0 -0
  157. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/__init__.py +0 -0
  158. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/_os.py +0 -0
  159. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/android/__init__.py +0 -0
  160. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/android/_os.py +0 -0
  161. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/debian/__init__.py +0 -0
  162. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/debian/_os.py +0 -0
  163. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/debian/apt.py +0 -0
  164. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/debian/dpkg.py +0 -0
  165. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/debian/vyos/__init__.py +0 -0
  166. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/debian/vyos/_os.py +0 -0
  167. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/esxi/__init__.py +0 -0
  168. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/esxi/_os.py +0 -0
  169. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/fortigate/__init__.py +0 -0
  170. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/fortigate/_os.py +0 -0
  171. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/redhat/__init__.py +0 -0
  172. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/redhat/_os.py +0 -0
  173. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/redhat/yum.py +0 -0
  174. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/suse/__init__.py +0 -0
  175. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/suse/_os.py +0 -0
  176. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/linux/suse/zypper.py +0 -0
  177. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/locale.py +0 -0
  178. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/log/__init__.py +0 -0
  179. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/log/atop.py +0 -0
  180. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/log/audit.py +0 -0
  181. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/log/auth.py +0 -0
  182. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/log/btmp.py +0 -0
  183. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/log/lastlog.py +0 -0
  184. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/log/messages.py +0 -0
  185. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/log/utmp.py +0 -0
  186. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/log/wtmp.py +0 -0
  187. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/packagemanager.py +0 -0
  188. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/services.py +0 -0
  189. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/shadow.py +0 -0
  190. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/unix/ssh.py +0 -0
  191. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/__init__.py +0 -0
  192. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/_os.py +0 -0
  193. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/activitiescache.py +0 -0
  194. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/adpolicy.py +0 -0
  195. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/amcache.py +0 -0
  196. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/catroot.py +0 -0
  197. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/cim.py +0 -0
  198. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/clfs.py +0 -0
  199. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/datetime.py +0 -0
  200. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/defender.py +0 -0
  201. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/env.py +0 -0
  202. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/exchange/__init__.py +0 -0
  203. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/exchange/exchange.py +0 -0
  204. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/generic.py +0 -0
  205. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/lnk.py +0 -0
  206. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/locale.py +0 -0
  207. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/log/__init__.py +0 -0
  208. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/log/amcache.py +0 -0
  209. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/log/etl.py +0 -0
  210. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/log/evt.py +0 -0
  211. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/log/evtx.py +0 -0
  212. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/log/pfro.py +0 -0
  213. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/notifications.py +0 -0
  214. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/powershell.py +0 -0
  215. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/prefetch.py +0 -0
  216. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/recyclebin.py +0 -0
  217. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/7zip.py +0 -0
  218. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/__init__.py +0 -0
  219. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/auditpol.py +0 -0
  220. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/bam.py +0 -0
  221. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/cit.py +0 -0
  222. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/clsid.py +0 -0
  223. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/firewall.py +0 -0
  224. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/mru.py +0 -0
  225. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/muicache.py +0 -0
  226. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/nethist.py +0 -0
  227. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/recentfilecache.py +0 -0
  228. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/regf.py +0 -0
  229. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/runkeys.py +0 -0
  230. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/shellbags.py +0 -0
  231. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/shimcache.py +0 -0
  232. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/trusteddocs.py +0 -0
  233. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/usb.py +0 -0
  234. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/regf/userassist.py +0 -0
  235. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/registry.py +0 -0
  236. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/sam.py +0 -0
  237. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/services.py +0 -0
  238. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/sru.py +0 -0
  239. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/startupinfo.py +0 -0
  240. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/syscache.py +0 -0
  241. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/tasks.py +0 -0
  242. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/thumbcache.py +0 -0
  243. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/ual.py +0 -0
  244. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/os/windows/wer.py +0 -0
  245. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/report.py +0 -0
  246. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/target.py +0 -0
  247. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/__init__.py +0 -0
  248. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/build_pluginlist.py +0 -0
  249. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/dd.py +0 -0
  250. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/dump/__init__.py +0 -0
  251. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/dump/run.py +0 -0
  252. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/dump/state.py +0 -0
  253. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/dump/utils.py +0 -0
  254. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/fs.py +0 -0
  255. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/info.py +0 -0
  256. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/logging.py +0 -0
  257. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/mount.py +0 -0
  258. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/query.py +0 -0
  259. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/reg.py +0 -0
  260. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/shell.py +0 -0
  261. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/tools/utils.py +0 -0
  262. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/volume.py +0 -0
  263. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/volumes/__init__.py +0 -0
  264. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/volumes/bde.py +0 -0
  265. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/volumes/disk.py +0 -0
  266. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/volumes/lvm.py +0 -0
  267. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/volumes/vmfs.py +0 -0
  268. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect.target.egg-info/dependency_links.txt +0 -0
  269. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect.target.egg-info/entry_points.txt +0 -0
  270. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect.target.egg-info/requires.txt +0 -0
  271. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect.target.egg-info/top_level.txt +0 -0
  272. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/pyproject.toml +0 -0
  273. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/setup.cfg +0 -0
  274. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/__init__.py +0 -0
  275. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/_utils.py +0 -0
  276. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/conftest.py +0 -0
  277. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/PcaAppLaunchDic.txt +0 -0
  278. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/SRUDB.dat +0 -0
  279. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/Syscache.hve +0 -0
  280. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/TestAnydesk.trace +0 -0
  281. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/TestLog.evt +0 -0
  282. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/TestLogX.evtx +0 -0
  283. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/TestTeamviewer.log +0 -0
  284. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/adpolicy/{31B2F340-016D-11D2-945F-00C04FB984F9}/GPT.INI +0 -0
  285. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/adpolicy/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE/Microsoft/Windows NT/Audit/audit.csv +0 -0
  286. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/adpolicy/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE/Microsoft/Windows NT/SecEdit/GptTmpl.inf +0 -0
  287. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/adpolicy/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE/Registry.pol +0 -0
  288. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/adpolicy/{31B2F340-016D-11D2-945F-00C04FB984F9}/MACHINE/comment.cmtx +0 -0
  289. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/adpolicy/{393FA062-30DB-40AC-A15E-E0B12B9F2928}/GPT.INI +0 -0
  290. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/adpolicy/{6AC1786C-016F-11D2-945F-00C04fB984F9}/GPT.INI +0 -0
  291. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/adpolicy/{6AC1786C-016F-11D2-945F-00C04fB984F9}/MACHINE/Microsoft/Windows NT/SecEdit/GptTmpl.inf +0 -0
  292. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/amcache-new.hve +0 -0
  293. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/amcache-old.hve +0 -0
  294. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/apps/containers/docker/container_running.json +0 -0
  295. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/apps/containers/docker/image_metadata.json +0 -0
  296. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/apps/containers/docker/repositories.json +0 -0
  297. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/clfs/DRIVERS{53b39e70-18c4-11ea-a811-000d3aa4692b}.TM.blf +0 -0
  298. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/clfs/DRIVERS{53b39e70-18c4-11ea-a811-000d3aa4692b}.TMContainer00000000000000000001.regtrans-ms +0 -0
  299. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/defender-operational.evtx +0 -0
  300. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/defender-quarantine/Entries/{800362A7-0000-0000-FB11-12639186E0D6} +0 -0
  301. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/defender-quarantine/ResourceData/A6/A6C8322B8A19AEED96EFBD045206966DA4C9619D +0 -0
  302. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/defender-quarantine/Resources/A6/A6C8322B8A19AEED96EFBD045206966DA4C9619D +0 -0
  303. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/empty.log +0 -0
  304. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/enc-volume.bin +0 -0
  305. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/keychain.csv +0 -0
  306. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/loaders/hyperv/993F7B33-6057-4D1E-A1FE-A1A1D77BE974.vmcx +0 -0
  307. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/loaders/hyperv/B90AC31B-C6F8-479F-9B91-07B894A6A3F6.xml +0 -0
  308. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/loaders/hyperv/D351C151-DAC7-4042-B434-B72D522C1E4A.xml +0 -0
  309. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/loaders/hyperv/EC04F346-DB96-4700-AF5B-77B3C56C38BD.vmcx +0 -0
  310. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/loaders/tar/test-archive-dot-folder.tgz +0 -0
  311. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/mft.raw +0 -0
  312. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugin_register/container.py +0 -0
  313. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugin_register/filesystem.py +0 -0
  314. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugin_register/loader.py +0 -0
  315. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugin_register/plugin.py +0 -0
  316. /dissect.target-3.8.dev31/tests/data/chromium-history-win.sqlite → /dissect.target-3.8.dev32/tests/data/plugins/browsers/chromium/History.sqlite +0 -0
  317. /dissect.target-3.8.dev31/tests/data/firefox-places.sqlite → /dissect.target-3.8.dev32/tests/data/plugins/browsers/firefox/places.sqlite +0 -0
  318. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/child/hyperv/data.vmcx +0 -0
  319. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/bsd/freebsd/freebsd-freebsd-version +0 -0
  320. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/debian/apt/history.log +0 -0
  321. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/debian/apt/history.log.1.bz2 +0 -0
  322. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/debian/apt/history.log.1.gz +0 -0
  323. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/debian/debian-os-release +0 -0
  324. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/debian/ubuntu-lsb-release +0 -0
  325. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/debian/ubuntu-os-release +0 -0
  326. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/redhat/centos-os-release +0 -0
  327. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/redhat/fedora-os-release +0 -0
  328. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/redhat/yum/yum.log +0 -0
  329. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/redhat/yum/yum.log.1.bz2 +0 -0
  330. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/redhat/yum/yum.log.1.gz +0 -0
  331. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/suse/opensuse-os-release +0 -0
  332. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/suse/zypp/history +0 -0
  333. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/suse/zypp/history.1.bz2 +0 -0
  334. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/unix/linux/suse/zypp/history.1.gz +0 -0
  335. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/plugins/os/windows/tasks/MapsToastTask +0 -0
  336. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/regflex.reg +0 -0
  337. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/symlink_disk.ext4 +0 -0
  338. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/test-acquire-handles.tar +0 -0
  339. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/test-acquire-hash.tar +0 -0
  340. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/test-archive-empty-folder.tgz +0 -0
  341. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/test-archive.tar.gz +0 -0
  342. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/ual/Current.mdb +0 -0
  343. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/ual/SystemIdentity.mdb +0 -0
  344. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/configs/ips/eth0.xml +0 -0
  345. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/configs/ips/interfaces +0 -0
  346. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/configs/keyboard +0 -0
  347. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/configs/passwd +0 -0
  348. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/configs/shadow +0 -0
  349. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/atop +0 -0
  350. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/audit.log +0 -0
  351. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/auth/auth.log +0 -0
  352. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/auth/auth.log.bz2 +0 -0
  353. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/auth/auth.log.gz +0 -0
  354. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/auth/secure +0 -0
  355. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/btmp +0 -0
  356. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/dpkg-status +0 -0
  357. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/dpkg.log +0 -0
  358. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/dpkg.log.2.gz +0 -0
  359. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/empty.log +0 -0
  360. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/lastlog +0 -0
  361. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/messages +0 -0
  362. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/passwd-syslog +0 -0
  363. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/unix/logs/wtmp +0 -0
  364. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/uppercase_driveletter.tar +0 -0
  365. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/usnjrnl.bin +0 -0
  366. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/vpns/wireguard/wg0.conf +0 -0
  367. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/apache/access.log +0 -0
  368. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/apache/access.log.bz2 +0 -0
  369. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/apache/access.log.gz +0 -0
  370. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/caddy/Caddyfile +0 -0
  371. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/caddy/access.log +0 -0
  372. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/iis/iis-applicationHost-iis.config +0 -0
  373. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/iis/iis-applicationHost-w3c.config +0 -0
  374. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/iis/iis-logs-iis/W3SVC1/u_in211001.log +0 -0
  375. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/iis/iis-logs-w3c/W3SVC1/u_ex211001_x.log +0 -0
  376. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/nginx/access.log +0 -0
  377. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/nginx/access.log.bz2 +0 -0
  378. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/nginx/access.log.gz +0 -0
  379. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/webservers/nginx/nginx.conf +0 -0
  380. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/wer/wer_test.tmp.WERInternalMetadata.xml +0 -0
  381. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/wer/wer_test.wer +0 -0
  382. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/data/wpndatabase.db +0 -0
  383. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_container_open.py +0 -0
  384. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_containers_split.py +0 -0
  385. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_fat.py +0 -0
  386. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_filesystem.py +0 -0
  387. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_filesystems_dir.py +0 -0
  388. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_filesystems_ntfs.py +0 -0
  389. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_filesystems_tar.py +0 -0
  390. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_filesystems_zip.py +0 -0
  391. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_hashing.py +0 -0
  392. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_helpers.py +0 -0
  393. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_helpers_cache.py +0 -0
  394. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_helpers_fsutil.py +0 -0
  395. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_helpers_loaderutil.py +0 -0
  396. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_helpers_localeutil.py +0 -0
  397. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_helpers_regutil.py +0 -0
  398. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_helpers_utils.py +0 -0
  399. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_loaders_dir.py +0 -0
  400. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_loaders_hyperv.py +0 -0
  401. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_loaders_kape.py +0 -0
  402. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_loaders_local.py +0 -0
  403. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_loaders_remote.py +0 -0
  404. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_loaders_tanium.py +0 -0
  405. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_loaders_tar.py +0 -0
  406. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_loaders_vbox.py +0 -0
  407. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_loaders_velociraptor.py +0 -0
  408. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugin.py +0 -0
  409. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_apps_containers_docker.py +0 -0
  410. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_apps_remoteaccess_anydesk.py +0 -0
  411. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_apps_remoteaccess_teamviewer.py +0 -0
  412. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_apps_vpns_wireguard.py +0 -0
  413. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_apps_webservers_apache.py +0 -0
  414. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_apps_webservers_caddy.py +0 -0
  415. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_apps_webservers_iis.py +0 -0
  416. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_apps_webservers_nginx.py +0 -0
  417. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_child_hyperv.py +0 -0
  418. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_child_virtuozzo.py +0 -0
  419. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_child_wsl.py +0 -0
  420. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_filesystem_acquire_handles.py +0 -0
  421. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_filesystem_acquire_hash.py +0 -0
  422. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_filesystem_icat.py +0 -0
  423. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_filesystem_ntfs_mft.py +0 -0
  424. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_filesystem_ntfs_usnjrnl.py +0 -0
  425. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_filesystem_resolver.py +0 -0
  426. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_filesystem_unix_capability.py +0 -0
  427. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_filesystem_unix_suid.py +0 -0
  428. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_filesystem_walkfs.py +0 -0
  429. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_filesystem_yara.py +0 -0
  430. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_general_plugins.py +0 -0
  431. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_general_users.py +0 -0
  432. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix.py +0 -0
  433. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_auth.py +0 -0
  434. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_debian_dpkg.py +0 -0
  435. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_generic.py +0 -0
  436. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_history.py +0 -0
  437. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_ips.py +0 -0
  438. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_linux_debian_apt.py +0 -0
  439. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_linux_redhat_yum.py +0 -0
  440. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_linux_suse_zypper.py +0 -0
  441. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_locale.py +0 -0
  442. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_log.py +0 -0
  443. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_log_audit.py +0 -0
  444. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_log_messages.py +0 -0
  445. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_packagemanager.py +0 -0
  446. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_shadow.py +0 -0
  447. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_ssh.py +0 -0
  448. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_users.py +0 -0
  449. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_unix_version.py +0 -0
  450. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows__os.py +0 -0
  451. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_adpolicy.py +0 -0
  452. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_amcache.py +0 -0
  453. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_clfs.py +0 -0
  454. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_datetime.py +0 -0
  455. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_defender.py +0 -0
  456. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_env.py +0 -0
  457. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_generic.py +0 -0
  458. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_locale.py +0 -0
  459. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_log.py +0 -0
  460. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_mru.py +0 -0
  461. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_notifications.py +0 -0
  462. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_recyclebin.py +0 -0
  463. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_regf_cit.py +0 -0
  464. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_regf_clsid.py +0 -0
  465. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_regf_muicache.py +0 -0
  466. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_regf_trusteddocs.py +0 -0
  467. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_regf_userassist.py +0 -0
  468. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_sam.py +0 -0
  469. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_shimcache.py +0 -0
  470. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_sru.py +0 -0
  471. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_syscache.py +0 -0
  472. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_tasks.py +0 -0
  473. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_thumbcache.py +0 -0
  474. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_ual.py +0 -0
  475. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_os_windows_wer.py +0 -0
  476. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_plugins_scrape.py +0 -0
  477. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_prefetch_time.py +0 -0
  478. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_record.py +0 -0
  479. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_registration.py +0 -0
  480. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_report.py +0 -0
  481. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_shell.py +0 -0
  482. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_target.py +0 -0
  483. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_target_fs.py +0 -0
  484. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_target_path.py +0 -0
  485. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_tools_dump.py +0 -0
  486. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_tools_shell.py +0 -0
  487. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_tools_utils.py +0 -0
  488. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tests/test_volumes_bde.py +0 -0
  489. {dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/tox.ini +0 -0
{dissect.target-3.8.dev31/dissect.target.egg-info → dissect.target-3.8.dev32}/PKG-INFO RENAMED
@@ -1,6 +1,6 @@
1
1
  Metadata-Version: 2.1
2
2
  Name: dissect.target
3
- Version: 3.8.dev31
3
+ Version: 3.8.dev32
4
4
  Summary: This module ties all other Dissect modules together, it provides a programming API and command line tools which allow easy access to various data sources inside disk images or file collections (a.k.a. targets)
5
5
  Author-email: Dissect Team <dissect@fox-it.com>
6
6
  License: Affero General Public License v3
{dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/browsers/browser.py RENAMED
@@ -20,11 +20,26 @@ GENERIC_HISTORY_RECORD_FIELDS = [
20
20
  ("uri", "from_url"),
21
21
  ("path", "source"),
22
22
  ]
23
+ GENERIC_DOWNLOAD_RECORD_FIELDS = [
24
+ ("datetime", "ts_start"),
25
+ ("datetime", "ts_end"),
26
+ ("string", "browser"),
27
+ ("varint", "id"),
28
+ ("path", "path"),
29
+ ("uri", "url"),
30
+ ("filesize", "size"),
31
+ ("varint", "state"),
32
+ ("path", "source"),
33
+ ]
23
34
 
24
35
  BrowserHistoryRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
25
36
  "browser/history", GENERIC_HISTORY_RECORD_FIELDS
26
37
  )
27
38
 
39
+ BrowserDownloadRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
40
+ "browser/download", GENERIC_DOWNLOAD_RECORD_FIELDS
41
+ )
42
+
28
43
 
29
44
  class BrowserPlugin(Plugin):
30
45
  """General browser plugin.
@@ -51,28 +66,42 @@ class BrowserPlugin(Plugin):
51
66
  for entry in self.BROWSERS:
52
67
  try:
53
68
  self._plugins.append(getattr(self.target, entry))
54
- except Exception: # noqa
69
+ except Exception:
55
70
  target.log.exception("Failed to load browser plugin: %s", entry)
56
71
 
57
- def check_compatible(self):
72
+ def check_compatible(self) -> bool:
73
+ """Perform a compatibility check with the target.
74
+ This function checks if any of the supported browser plugins
75
+ can be used. Otherwise it should raise an ``UnsupportedPluginError``.
76
+ Raises:
77
+ UnsupportedPluginError: If the plugin could not be loaded.
78
+ """
58
79
  if not len(self._plugins):
59
80
  raise UnsupportedPluginError("No compatible browser plugins found")
60
81
 
61
- def _func(self, f):
62
- for p in self._plugins:
82
+ def _func(self, func_name: str):
83
+ """Return the supported browser plugin records.
84
+
85
+ Args:
86
+ func_name: Exported function of the browser plugin to find.
87
+
88
+ Yields:
89
+ Record from the browser function.
90
+ """
91
+ for plugin_name in self._plugins:
63
92
  try:
64
- for entry in getattr(p, f)():
93
+ for entry in getattr(plugin_name, func_name)():
65
94
  yield entry
66
95
  except Exception:
67
- self.target.log.exception("Failed to execute browser plugin: %s.%s", p._name, f)
96
+ self.target.log.exception("Failed to execute browser plugin: %s.%s", plugin_name._name, func_name)
68
97
 
69
98
  @export(record=BrowserHistoryRecord)
70
99
  def history(self):
71
- """Return browser history records from all browsers installed.
100
+ """Return browser history records from all browsers installed and supported.
72
101
 
73
102
  Historical browser records for Chrome, Chromium, Edge (Chromium), Firefox, and Internet Explorer are returned.
74
103
 
75
- Yields BrowserHistoryRecords with the following fields:
104
+ Yields BrowserHistoryRecord with the following fields:
76
105
  hostname (string): The target hostname.
77
106
  domain (string): The target domain.
78
107
  ts (datetime): Visit timestamp.
@@ -91,12 +120,38 @@ class BrowserPlugin(Plugin):
91
120
  from_url (uri): URL of the "from" visit.
92
121
  source: (path): The source file of the history record.
93
122
  """
94
- for e in self._func("history"):
95
- yield e
123
+ yield from self._func("history")
96
124
 
125
+ @export(record=BrowserDownloadRecord)
126
+ def downloads(self):
127
+ """Return browser download records from all browsers installed and supported.
97
128
 
98
- def try_idna(s):
129
+ Yields:
130
+ BrowserDownloadRecord with the following fieds:
131
+ hostname (string): The target hostname.
132
+ domain (string): The target domain.
133
+ ts_start (datetime): Download start timestamp.
134
+ ts_end (datetime): Download end timestamp.
135
+ browser (string): The browser from which the records are generated from.
136
+ id (string): Record ID.
137
+ path (string): Download path.
138
+ url (uri): Download URL.
139
+ size (varint): Download file size.
140
+ state (varint): Download state number.
141
+ source: (path): The source file of the download record.
142
+ """
143
+ yield from self._func("downloads")
144
+
145
+
146
+ def try_idna(url: str) -> bytes:
147
+ """Attempts to convert a possible Unicode url to ASCII using the IDNA standard.
148
+
149
+ Args:
150
+ url: A String containing the url to be converted.
151
+
152
+ Returns: Bytes object with the ASCII version of the url.
153
+ """
99
154
  try:
100
- return s.encode("idna")
101
- except Exception: # noqa
102
- return s
155
+ return url.encode("idna")
156
+ except Exception:
157
+ return url
{dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/browsers/chrome.py RENAMED
@@ -1,7 +1,10 @@
1
1
  from dissect.target.helpers.descriptor_extensions import UserRecordDescriptorExtension
2
2
  from dissect.target.helpers.record import create_extended_descriptor
3
3
  from dissect.target.plugin import Plugin, export
4
- from dissect.target.plugins.browsers.browser import GENERIC_HISTORY_RECORD_FIELDS
4
+ from dissect.target.plugins.browsers.browser import (
5
+ GENERIC_DOWNLOAD_RECORD_FIELDS,
6
+ GENERIC_HISTORY_RECORD_FIELDS,
7
+ )
5
8
  from dissect.target.plugins.browsers.chromium import ChromiumMixin
6
9
 
7
10
 
@@ -20,11 +23,19 @@ class ChromePlugin(ChromiumMixin, Plugin):
20
23
  # Macos
21
24
  "Library/Application Support/Google/Chrome/Default",
22
25
  ]
23
- HISTORY_RECORD = create_extended_descriptor([UserRecordDescriptorExtension])(
26
+ BrowserHistoryRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
24
27
  "browser/chrome/history", GENERIC_HISTORY_RECORD_FIELDS
25
28
  )
29
+ BrowserDownloadRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
30
+ "browser/chrome/download", GENERIC_DOWNLOAD_RECORD_FIELDS
31
+ )
26
32
 
27
- @export(record=HISTORY_RECORD)
33
+ @export(record=BrowserHistoryRecord)
28
34
  def history(self):
29
35
  """Return browser history records for Google Chrome."""
30
- yield from ChromiumMixin.history(self, "chrome")
36
+ yield from super().history("chrome")
37
+
38
+ @export(record=BrowserDownloadRecord)
39
+ def downloads(self):
40
+ """Return browser download records for Google Chrome."""
41
+ yield from super().downloads("chrome")
{dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/browsers/chromium.py RENAMED
@@ -1,10 +1,11 @@
1
+ from collections import defaultdict
1
2
  from typing import Iterator
2
3
 
3
4
  from dissect.sql import sqlite3
4
5
  from dissect.sql.exceptions import Error as SQLError
5
6
  from dissect.sql.sqlite3 import SQLite3
6
7
  from dissect.util.ts import webkittimestamp
7
- from flow.record import Record
8
+ from flow.record.fieldtypes import path
8
9
 
9
10
  from dissect.target.exceptions import FileNotFoundError, UnsupportedPluginError
10
11
  from dissect.target.helpers.descriptor_extensions import UserRecordDescriptorExtension
@@ -12,6 +13,7 @@ from dissect.target.helpers.fsutil import TargetPath
12
13
  from dissect.target.helpers.record import create_extended_descriptor
13
14
  from dissect.target.plugin import Plugin, export
14
15
  from dissect.target.plugins.browsers.browser import (
16
+ GENERIC_DOWNLOAD_RECORD_FIELDS,
15
17
  GENERIC_HISTORY_RECORD_FIELDS,
16
18
  try_idna,
17
19
  )
@@ -21,11 +23,14 @@ class ChromiumMixin:
21
23
  """Mixin class with methods for Chromium-based browsers."""
22
24
 
23
25
  DIRS = []
24
- HISTORY_RECORD = create_extended_descriptor([UserRecordDescriptorExtension])(
26
+ BrowserHistoryRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
25
27
  "browser/chromium/history", GENERIC_HISTORY_RECORD_FIELDS
26
28
  )
29
+ BrowserDownloadRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
30
+ "browser/chromium/download", GENERIC_DOWNLOAD_RECORD_FIELDS
31
+ )
27
32
 
28
- def history(self, browser_name: str = None) -> Iterator[Record]:
33
+ def history(self, browser_name: str = None) -> Iterator[BrowserHistoryRecord]:
29
34
  """Return browser history records from supported Chromium-based browsers.
30
35
 
31
36
  Args:
@@ -55,7 +60,7 @@ class ChromiumMixin:
55
60
  for user, db_file, db in self._iter_db("History"):
56
61
  try:
57
62
  urls = {row.id: row for row in db.table("urls").rows()}
58
- visits: dict = {}
63
+ visits = {}
59
64
 
60
65
  for row in db.table("visits").rows():
61
66
  visits[row.id] = row
@@ -67,7 +72,7 @@ class ChromiumMixin:
67
72
  else:
68
73
  from_visit, from_url = None, None
69
74
 
70
- yield self.HISTORY_RECORD(
75
+ yield self.BrowserHistoryRecord(
71
76
  ts=webkittimestamp(row.visit_time),
72
77
  browser=browser_name,
73
78
  id=row.id,
@@ -89,6 +94,66 @@ class ChromiumMixin:
89
94
  except SQLError as e:
90
95
  self.target.log.warning("Error processing history file: %s", db_file, exc_info=e)
91
96
 
97
+ def downloads(self, browser_name: str = None) -> Iterator[BrowserDownloadRecord]:
98
+ """Return browser download records from supported Chromium-based browsers.
99
+
100
+ Args:
101
+ browser_name: The name of the browser as a string.
102
+ Yields:
103
+ Records with the following fields:
104
+ hostname (string): The target hostname.
105
+ domain (string): The target domain.
106
+ ts_start (datetime): Download start timestamp.
107
+ ts_ed (datetime): Download end timestamp.
108
+ browser (string): The browser from which the records are generated from.
109
+ id (string): Record ID.
110
+ path (string): Download path.
111
+ url (uri): Download URL.
112
+ size (varint): Download file size.
113
+ state (varint): Download state number.
114
+ source: (path): The source file of the download record.
115
+ Raises:
116
+ SQLError: If the history file could not be processed.
117
+ """
118
+ for user, db_file, db in self._iter_db("History"):
119
+ try:
120
+ download_chains = defaultdict(list)
121
+ for row in db.table("downloads_url_chains"):
122
+ download_chains[row.id].append(row)
123
+
124
+ for chain in download_chains.values():
125
+ chain.sort(key=lambda row: row.chain_index)
126
+
127
+ for row in db.table("downloads").rows():
128
+ download_path = row.target_path
129
+ if download_path and self.target.os == "windows":
130
+ download_path = path.from_windows(download_path)
131
+ elif download_path:
132
+ download_path = path.from_posix()(download_path)
133
+
134
+ url = None
135
+ download_chain = download_chains.get(row.id)
136
+
137
+ if download_chain:
138
+ url = download_chain[-1].url
139
+ url = try_idna(url)
140
+
141
+ yield self.BrowserDownloadRecord(
142
+ ts_start=webkittimestamp(row.start_time),
143
+ ts_end=webkittimestamp(row.end_time) if row.end_time else None,
144
+ browser=browser_name,
145
+ id=row.get("id"),
146
+ path=download_path,
147
+ url=url,
148
+ size=row.get("total_bytes"),
149
+ state=row.get("state"),
150
+ source=str(db_file),
151
+ _target=self.target,
152
+ _user=user,
153
+ )
154
+ except SQLError as e:
155
+ self.target.log.warning("Error processing history file: %s", db_file, exc_info=e)
156
+
92
157
  def _iter_db(self, filename: str) -> Iterator[SQLite3]:
93
158
  """Generate a connection to a sqlite history database files.
94
159
 
@@ -151,7 +216,12 @@ class ChromiumPlugin(ChromiumMixin, Plugin):
151
216
  "AppData/Local/Chromium/User Data/Default",
152
217
  ]
153
218
 
154
- @export(record=ChromiumMixin.HISTORY_RECORD)
219
+ @export(record=ChromiumMixin.BrowserHistoryRecord)
155
220
  def history(self):
156
221
  """Return browser history records for Chromium browser."""
157
- yield from ChromiumMixin.history(self, "chromium")
222
+ yield from super().history("chromium")
223
+
224
+ @export(record=ChromiumMixin.BrowserDownloadRecord)
225
+ def downloads(self):
226
+ """Return browser download records for Chromium browser."""
227
+ yield from super().downloads("chromium")
{dissect.target-3.8.dev31 → dissect.target-3.8.dev32}/dissect/target/plugins/browsers/edge.py RENAMED
@@ -1,7 +1,10 @@
1
1
  from dissect.target.helpers.descriptor_extensions import UserRecordDescriptorExtension
2
2
  from dissect.target.helpers.record import create_extended_descriptor
3
3
  from dissect.target.plugin import Plugin, export
4
- from dissect.target.plugins.browsers.browser import GENERIC_HISTORY_RECORD_FIELDS
4
+ from dissect.target.plugins.browsers.browser import (
5
+ GENERIC_DOWNLOAD_RECORD_FIELDS,
6
+ GENERIC_HISTORY_RECORD_FIELDS,
7
+ )
5
8
  from dissect.target.plugins.browsers.chromium import ChromiumMixin
6
9
 
7
10
 
@@ -16,11 +19,19 @@ class EdgePlugin(ChromiumMixin, Plugin):
16
19
  # Macos
17
20
  "Library/Application Support/Microsoft Edge/Default",
18
21
  ]
19
- HISTORY_RECORD = create_extended_descriptor([UserRecordDescriptorExtension])(
22
+ BrowserHistoryRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
20
23
  "browser/edge/history", GENERIC_HISTORY_RECORD_FIELDS
21
24
  )
25
+ BrowserDownloadRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
26
+ "browser/edge/download", GENERIC_DOWNLOAD_RECORD_FIELDS
27
+ )
22
28
 
23
- @export(record=HISTORY_RECORD)
29
+ @export(record=BrowserHistoryRecord)
24
30
  def history(self):
25
31
  """Return browser history records for Microsoft Edge."""
26
- yield from ChromiumMixin.history(self, "edge")
32
+ yield from super().history("edge")
33
+
34
+ @export(record=BrowserDownloadRecord)
35
+ def downloads(self):
36
+ """Return browser download records for Microsoft Edge."""
37
+ yield from super().downloads("edge")
dissect.target-3.8.dev32/dissect/target/plugins/browsers/firefox.py ADDED
@@ -0,0 +1,219 @@
1
+ import json
2
+ from typing import Iterator
3
+
4
+ from dissect.sql import sqlite3
5
+ from dissect.sql.exceptions import Error as SQLError
6
+ from dissect.sql.sqlite3 import SQLite3
7
+ from dissect.util.ts import from_unix_ms, from_unix_us
8
+ from flow.record.fieldtypes import path
9
+
10
+ from dissect.target.exceptions import FileNotFoundError, UnsupportedPluginError
11
+ from dissect.target.helpers.descriptor_extensions import UserRecordDescriptorExtension
12
+ from dissect.target.helpers.record import create_extended_descriptor
13
+ from dissect.target.plugin import Plugin, export
14
+ from dissect.target.plugins.browsers.browser import (
15
+ GENERIC_DOWNLOAD_RECORD_FIELDS,
16
+ GENERIC_HISTORY_RECORD_FIELDS,
17
+ try_idna,
18
+ )
19
+
20
+
21
+ class FirefoxPlugin(Plugin):
22
+ """Firefox browser plugin."""
23
+
24
+ __namespace__ = "firefox"
25
+
26
+ DIRS = [
27
+ "AppData/Roaming/Mozilla/Firefox/Profiles",
28
+ "AppData/local/Mozilla/Firefox/Profiles",
29
+ ".mozilla/firefox",
30
+ "snap/firefox/common/.mozilla/firefox",
31
+ ]
32
+ BrowserHistoryRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
33
+ "browser/firefox/history", GENERIC_HISTORY_RECORD_FIELDS
34
+ )
35
+ BrowserDownloadRecord = create_extended_descriptor([UserRecordDescriptorExtension])(
36
+ "browser/firefox/download", GENERIC_DOWNLOAD_RECORD_FIELDS
37
+ )
38
+
39
+ def __init__(self, target):
40
+ super().__init__(target)
41
+
42
+ self.users_dirs = []
43
+ for user_details in self.target.user_details.all_with_home():
44
+ for directory in self.DIRS:
45
+ cur_dir = user_details.home_path.joinpath(directory)
46
+ if not cur_dir.exists():
47
+ continue
48
+ self.users_dirs.append((user_details.user, cur_dir))
49
+
50
+ def check_compatible(self):
51
+ if not len(self.users_dirs):
52
+ raise UnsupportedPluginError("No Firefox directories found")
53
+
54
+ def _iter_db(self, filename: str) -> Iterator[SQLite3]:
55
+ """Yield opened history database files of all users.
56
+
57
+ Args:
58
+ filename: The filename of the database.
59
+ Yields:
60
+ Opened SQLite3 databases.
61
+ """
62
+ for user, cur_dir in self.users_dirs:
63
+ for profile_dir in cur_dir.iterdir():
64
+ if profile_dir.is_dir():
65
+ db_file = profile_dir.joinpath(filename)
66
+ try:
67
+ yield user, db_file, sqlite3.SQLite3(db_file.open())
68
+ except FileNotFoundError:
69
+ self.target.log.warning("Could not find %s file: %s", filename, db_file)
70
+ except SQLError as e:
71
+ self.target.log.warning("Could not open %s file: %s", filename, db_file, exc_info=e)
72
+
73
+ @export(record=BrowserHistoryRecord)
74
+ def history(self) -> Iterator[BrowserHistoryRecord]:
75
+ """Return browser history records from Firefox.
76
+
77
+ Yields BrowserHistoryRecord with the following fields:
78
+ hostname (string): The target hostname.
79
+ domain (string): The target domain.
80
+ ts (datetime): Visit timestamp.
81
+ browser (string): The browser from which the records are generated from.
82
+ id (string): Record ID.
83
+ url (uri): History URL.
84
+ title (string): Page title.
85
+ description (string): Page description.
86
+ rev_host (string): Reverse hostname.
87
+ visit_type (varint): Visit type.
88
+ visit_count (varint): Amount of visits.
89
+ hidden (string): Hidden value.
90
+ typed (string): Typed value.
91
+ session (varint): Session value.
92
+ from_visit (varint): Record ID of the "from" visit.
93
+ from_url (uri): URL of the "from" visit.
94
+ source: (path): The source file of the history record.
95
+ """
96
+ for user, db_file, db in self._iter_db("places.sqlite"):
97
+ try:
98
+ places = {row.id: row for row in db.table("moz_places").rows()}
99
+ visits = {}
100
+
101
+ for row in db.table("moz_historyvisits").rows():
102
+ visits[row.id] = row
103
+ place = places[row.place_id]
104
+
105
+ if row.from_visit and row.from_visit in visits:
106
+ from_visit = visits[row.from_visit]
107
+ from_place = places[from_visit.place_id]
108
+ else:
109
+ from_visit, from_place = None, None
110
+
111
+ yield self.BrowserHistoryRecord(
112
+ ts=from_unix_us(row.visit_date),
113
+ browser="firefox",
114
+ id=row.id,
115
+ url=try_idna(place.url),
116
+ title=place.title,
117
+ description=place.description,
118
+ rev_host=try_idna(place.rev_shot),
119
+ visit_type=row.visit_type,
120
+ visit_count=place.visit_count,
121
+ hidden=place.hidden,
122
+ typed=place.typed,
123
+ session=row.session,
124
+ from_visit=row.from_visit or None,
125
+ from_url=try_idna(from_place.url) if from_place else None,
126
+ source=str(db_file),
127
+ _target=self.target,
128
+ _user=user,
129
+ )
130
+ except SQLError as e:
131
+ self.target.log.warning("Error processing history file: %s", db_file, exc_info=e)
132
+
133
+ @export(record=BrowserDownloadRecord)
134
+ def downloads(self) -> Iterator[BrowserDownloadRecord]:
135
+ """Return browser download records from Firefox.
136
+
137
+ Yields BrowserDownloadRecord with the following fields:
138
+ hostname (string): The target hostname.
139
+ domain (string): The target domain.
140
+ ts_start (datetime): Download start timestamp.
141
+ ts_end (datetime): Download end timestamp.
142
+ browser (string): The browser from which the records are generated from.
143
+ id (string): Record ID.
144
+ path (string): Download path.
145
+ url (uri): Download URL.
146
+ size (varint): Download file size.
147
+ state (varint): Download state number.
148
+ source: (path): The source file of the download record.
149
+ """
150
+ for user, db_file, db in self._iter_db("places.sqlite"):
151
+ try:
152
+ places = {row.id: row for row in db.table("moz_places").rows()}
153
+ attributes = {row.id: row.name for row in db.table("moz_anno_attributes").rows()}
154
+ annotations = {}
155
+
156
+ for row in db.table("moz_annos"):
157
+ attribute_name = attributes.get(row.anno_attribute_id, row.anno_attribute_id)
158
+
159
+ if attribute_name == "downloads/metaData":
160
+ content = json.loads(row.content)
161
+ else:
162
+ content = row.content
163
+
164
+ if row.place_id not in annotations:
165
+ annotations[row.place_id] = {"id": row.id}
166
+
167
+ annotations[row.place_id][attribute_name] = {
168
+ "content": content,
169
+ "flags": row.flags,
170
+ "expiration": row.expiration,
171
+ "type": row.type,
172
+ "date_added": from_unix_us(row.dateAdded),
173
+ "last_modified": from_unix_us(row.lastModified),
174
+ }
175
+
176
+ for place_id, annotation in annotations.items():
177
+ if "downloads/metaData" not in annotation:
178
+ continue
179
+
180
+ metadata = annotation.get("downloads/metaData", {})
181
+
182
+ ts_end = None
183
+ size = None
184
+ state = None
185
+
186
+ content = metadata.get("content")
187
+ if content:
188
+ ts_end = metadata.get("content").get("endTime")
189
+ ts_end = from_unix_ms(ts_end) if ts_end else None
190
+
191
+ size = content.get("fileSize")
192
+ state = content.get("state")
193
+
194
+ dest_file_info = annotation.get("downloads/destinationFileURI", {})
195
+ download_path = dest_file_info.get("content")
196
+
197
+ if download_path and self.target.os == "windows":
198
+ download_path = path.from_windows(download_path)
199
+ elif download_path:
200
+ download_path = path.from_posix(download_path)
201
+
202
+ place = places.get(place_id)
203
+ url = place.get("url")
204
+ url = try_idna(url) if url else None
205
+
206
+ yield self.BrowserDownloadRecord(
207
+ ts_start=dest_file_info.get("date_added"),
208
+ ts_end=ts_end,
209
+ browser="firefox",
210
+ id=annotation.get("id"),
211
+ path=download_path,
212
+ url=url,
213
+ size=size,
214
+ state=state,
215
+ source=str(db_file),
216
+ _target=self.target,
217
+ )
218
+ except SQLError as e:
219
+ self.target.log.warning("Error processing history file: %s", db_file, exc_info=e)