Scalpy [bot]
(Path to be supplied) Zeek will be implemented in Windows Defender so will run on all endpoints.
* Name services configuration + binaries
  * /etc/nsswitch.conf
  * all referred libnss_* modules

Parse contents of `nsswitch.conf` to records. Ideally, collect the paths found in this config file with `acquire`...
For IIS we parse the config (using dissect.target’s IIS plugin) to find additional log directories. A similar thing can be done for nginx and Apache. Their respective plugins already have...
When running qwinsta on Windows 11, it seems that it isn’t compatible with the version of Windows used… which is odd - look if we can run executable in compatibility mode...
- Dump entire config tree as records
- Allow globbing/filtering (like the registry functionality)
Branch dissect.target with cstruct patches and dependency on >=4.0.dev
Sometimes we have `/proc` available (local targets or acquires with proc collected). We should add `/proc/sys/kernel/hostname` to the path of files to check for the hostname for Unix targets. (https://github.com/fox-it/dissect.target/blob/a314d250f7e1b40adc841fb526cb5bd32de6159d/dissect/target/plugins/os/unix/_os.py#L144)
For files like fstab. Features:
- define separator
- define optional header line

Start with: fstab, crontab, shadow
Add support for certain well-known configuration formats that are one-off/very simple, i.e. one-liners. Add support for custom parsers/API. Allow users to extend configparsers. ~~create a simple catch all~~, already...
Chromium based browsers can have multiple profiles (and snapshots after updates). We currently only parse the Default profile. Treat it similar to a regular profile with a boolean that says...