plaso
plaso copied to clipboard
log2timeline
Super timeline all the things
## One line description of pull request Add SQLite parser for iOS Notes file ## Description: We added and modified the following files : - Added a new parser plugin...
## RADAR - Evidence of Execution ## Description A subkey is generated for each process that exceeds the 'HeapLeakDetection' threshold within the scan interval under 'HKLM\Software\Microsoft\RADAR\HeapLeakDetection\DiagnosedApplications'. Further explanations can be...
## One line description of pull request Add SQLite parser for Files by Google (files_master_database) file ## Description: I add/edit several files: - Add import files_by_google to plaso/parsers/sqlite_plugins/__init__.py - Add...
## One line description of pull request Add SQLite parser for Android Airtag (attd_db) file ## Description: I add and modify several files: - Add import android_airtag to plaso/parsers/sqlite_plugins/__init__.py -...
## One line description of pull request Add SQLite parser for Android Native Downloads (downloads.db) file ## Description: I add/edit several files: Add import android_native_downloads to plaso/parsers/sqlite_plugins/init.py Add a new...
Hi, While reviewing the new data types introduced in version 20240826, I've noticed that some of them had attributes names that might clash with output runtime fields. For instance, `teamviewer:connections_incoming:entry`...
## One line description of pull request Add SQLite parser for Android Viber Call (viber_data) file ## Description: I add and modify several files: - Add import android_viber_call to ```plaso/parsers/sqlite_plugins/__init__.py```...
## One line description of pull request Add SQLite parser for iOS Tiktok Contacts (AwemeIM) file ## Description: I add and modify several files: - Add import ios_tiktok_contacts to plaso/parsers/sqlite_plugins/__init__.py...
The project involves adding a parser for iOS Location Services. The ios_locationservices.py file contains a plist parser plugin for the com.apple.routined plist, which extracts and processes event data related to...
Add prediction-related fields to Android App Launch parser - Updated the Android App Launch parser to include additional fields: - prediction_ui_surface_id - prediction_source_id - prediction_rank These fields are extracted from...
