From 796e0a8e8e9185d4117a6a923bec9145e7404165 Mon Sep 17 00:00:00 2001 From: Yogesh Khatri Date: Sat, 17 Jul 2021 12:10:41 +1000 Subject: [PATCH] Update to 1.4.0 --- CHANGES.txt | 4 ++++ README.md | 4 ++-- extract_apfs_fs.py | 2 +- ios_apt.py | 2 +- mac_apt.py | 2 +- mac_apt_artifact_only.py | 2 +- mac_apt_mounted_sys_data.py | 2 +- 7 files changed, 11 insertions(+), 7 deletions(-) diff --git a/CHANGES.txt b/CHANGES.txt index 076a04e..93619b9 100644 --- a/CHANGES.txt +++ b/CHANGES.txt @@ -1,3 +1,7 @@ +Updates in 20210717 (v1.4.0): + ++ Add parsing of Safari WebExtensions and AppExtensions plist + Updates in 20210716 (v1.3.2): Many contributions from Minoru Kobayashi (@mnrkbys) in this release. diff --git a/README.md b/README.md index 4dc5aca..8bf12ac 100644 --- a/README.md +++ b/README.md @@ -1,8 +1,8 @@ # mac_apt - macOS (and iOS) Artifact Parsing Tool -[![Latest version](https://img.shields.io/badge/version-v1.3-blue)](https://github.com/ydkhatri/mac_apt/releases/tag/v1.3) +[![Latest version](https://img.shields.io/badge/version-v1.4-blue)](https://github.com/ydkhatri/mac_apt/releases/tag/v1.4) [![status](https://img.shields.io/badge/status-stable-green)]() -[![Latest version](https://img.shields.io/badge/version-v1.4.dev-blue)](https://github.com/ydkhatri/mac_apt/releases/tag/v1.4.dev) +[![Latest version](https://img.shields.io/badge/version-v1.5.dev-blue)](https://github.com/ydkhatri/mac_apt/releases/tag/v1.5.dev) [![status](https://img.shields.io/badge/status-development-orange)]() mac_apt is a DFIR (Digital Forensics and Incident Response) tool to process Mac computer full disk images (**or _live_ machines**) and extract data/metadata useful for forensic investigation. It is a python based framework, which has plugins to process individual artifacts (such as Safari internet history, Network interfaces, Recently accessed files & volumes, ..) diff --git a/extract_apfs_fs.py b/extract_apfs_fs.py index 522d2fb..19049ba 100644 --- a/extract_apfs_fs.py +++ b/extract_apfs_fs.py @@ -36,7 +36,7 @@ from plugin import * from uuid import UUID -__VERSION = "1.3.2" +__VERSION = "1.4.0" __PROGRAMNAME = "APFS metadata extract Tool" __EMAIL = "yogesh@swiftforensics.com" diff --git a/ios_apt.py b/ios_apt.py index e438433..39cc20d 100644 --- a/ios_apt.py +++ b/ios_apt.py @@ -26,7 +26,7 @@ import textwrap from plugin import * -__VERSION = "1.3.2" +__VERSION = "1.4.0" __PROGRAMNAME = "iOS Artifact Parsing Tool" __EMAIL = "yogesh@swiftforensics.com" diff --git a/mac_apt.py b/mac_apt.py index 169bc74..a468de3 100644 --- a/mac_apt.py +++ b/mac_apt.py @@ -36,7 +36,7 @@ from plugin import * from uuid import UUID -__VERSION = "1.3.2" +__VERSION = "1.4.0" __PROGRAMNAME = "macOS Artifact Parsing Tool" __EMAIL = "yogesh@swiftforensics.com" diff --git a/mac_apt_artifact_only.py b/mac_apt_artifact_only.py index 62f1f29..dde4ec7 100644 --- a/mac_apt_artifact_only.py +++ b/mac_apt_artifact_only.py @@ -29,7 +29,7 @@ import textwrap from plugin import * -__VERSION = "1.3.2" +__VERSION = "1.4.0" __PROGRAMNAME = "macOS Artifact Parsing Tool - Artifact Only mode" __EMAIL = "yogesh@swiftforensics.com" diff --git a/mac_apt_mounted_sys_data.py b/mac_apt_mounted_sys_data.py index 9b998c8..a264425 100644 --- a/mac_apt_mounted_sys_data.py +++ b/mac_apt_mounted_sys_data.py @@ -32,7 +32,7 @@ from plugins.helpers.disk_report import * from plugin import * -__VERSION = "1.3.2" +__VERSION = "1.4.0" __PROGRAMNAME = "macOS Artifact Parsing Tool - SYS DATA Mounted mode" __EMAIL = "yogesh@swiftforensics.com"