Release dissect 3.12 (#45)

pyrco released this 26 Jan 13:45

· 13 commits to main since this release

Highlights

New platforms

The FortiOS platform is now supported as a Linux sub-OS

New filesystem support

jffs is now also available in dissect.target

Filesystem improvements

Sparse indirect blocks in ExtFS now work properly
Improved parsing of complex ACLs in NTFS

New plugins

A PuTTY plugin is added to the apps/ssh section
A Citrix Netscaler webserver logs plugin is added to the apps/webservers section
A SchedLgU plugin to parse SchedLgU.txt logs is added to the os/windows/log section

Misc changes

Speed improvements in reading esedb records
Virtual NTFS filesystems are now acquired properly
Acquired files from case insensitive filesystems are now correctly de-duplicated
Numerous miscellaneous Linux and Windows artifacts are added to acquire to be collected
TargetPath now supports Python 3.12 (and as a consequence so does the whole of dissect)
The Yara plugin is now supported by using our own pre-build yara-python-wheel pypi repository
target-shell now has more cyber
fuse3 support is added to target-mount

Contributors

Thanks to our contributors for making this release possible:

@burneykb
@diversenok
@JSCU-CNI
@MaxGroot
@Repsay
@JazzCore
@ydkhatri
@Zawadidone

Full Changelogs

dissect: 3.11 → 3.12
https://github.com/fox-it/dissect/releases/tag/3.12
dissect.btrfs: 💤1.1 (no changes)
https://github.com/fox-it/dissect.btrfs/releases/tag/1.1
dissect.cim: 💤3.7 (no changes)
https://github.com/fox-it/dissect.cim/releases/tag/3.7
dissect.clfs: 💤1.6 (no changes)
https://github.com/fox-it/dissect.clfs/releases/tag/1.6
dissect.cstruct: 3.11 → 3.12
https://github.com/fox-it/dissect.cstruct/releases/tag/3.12
dissect.esedb: 3.10 → 3.11
https://github.com/fox-it/dissect.esedb/releases/tag/3.11
dissect.etl: 💤3.7 (no changes)
https://github.com/fox-it/dissect.etl/releases/tag/3.7
dissect.eventlog: 💤3.6 (no changes)
https://github.com/fox-it/dissect.eventlog/releases/tag/3.6
dissect.evidence: 💤3.7 (no changes)
https://github.com/fox-it/dissect.evidence/releases/tag/3.7
dissect.executable: 💤1.4 (no changes)
https://github.com/fox-it/dissect.executable/releases/tag/1.4
dissect.extfs: 3.7 → 3.8
https://github.com/fox-it/dissect.extfs/releases/tag/3.8
dissect.fat: 💤3.7 (no changes)
https://github.com/fox-it/dissect.fat/releases/tag/3.7
dissect.ffs: 💤3.6 (no changes)
https://github.com/fox-it/dissect.ffs/releases/tag/3.6
dissect.hypervisor: 3.10 → 3.11
https://github.com/fox-it/dissect.hypervisor/releases/tag/3.11
dissect.jffs: 💤1.0 (no changes)
https://github.com/fox-it/dissect.jffs/releases/tag/1.0
dissect.ntfs: 3.7 → 3.8
https://github.com/fox-it/dissect.ntfs/releases/tag/3.8
dissect.ole: 💤3.6 (no changes)
https://github.com/fox-it/dissect.ole/releases/tag/3.6
dissect.regf: 💤3.8 (no changes)
https://github.com/fox-it/dissect.regf/releases/tag/3.8
dissect.shellitem: 💤3.6 (no changes)
https://github.com/fox-it/dissect.shellitem/releases/tag/3.6
dissect.sql: 💤3.7 (no changes)
https://github.com/fox-it/dissect.sql/releases/tag/3.7
dissect.squashfs: 💤1.3 (no changes)
https://github.com/fox-it/dissect.squashfs/releases/tag/1.3
dissect.target: 3.14 → 3.15
https://github.com/fox-it/dissect.target/releases/tag/3.15
dissect.thumbcache: 💤1.6 (no changes)
https://github.com/fox-it/dissect.thumbcache/releases/tag/1.6
dissect.util: 3.13 → 3.14
https://github.com/fox-it/dissect.util/releases/tag/3.14
dissect.vmfs: 💤3.6 (no changes)
https://github.com/fox-it/dissect.vmfs/releases/tag/3.6
dissect.volume: 3.7 → 3.8
https://github.com/fox-it/dissect.volume/releases/tag/3.8
dissect.xfs: 3.6 → 3.7
https://github.com/fox-it/dissect.xfs/releases/tag/3.7

Contributors

JazzCore, burneykb, and 6 other contributors

Assets 2