reece394
reece394
DANGER: This commit compromises the security of Tor by completely eliminating the Middle Tor Nodes. It is not recommended to use this without a VPN or another form of anonymisation....
## Description This Pull Request changes the default behaviour when the flag nl is set to false. Before the commit if there are no transaction logs and it detects a...
** SQLECmd version # ** 1.0.0.0 .NET 6 Version **Describe the bug** Using the KAPE SQLECmd: process SQLite databases SQLECmd.mkape rule I attempted to Parse Edge Browsing History. The Edge...
This bumps bitflags up to the latest release 2.7. In order to do this I had to add derive lines to maintain compatibility with the older version. I also had...
I don't know if this project is still actively accepting pull requests but I will upload the fixes I have been putting in for Chainsaw here as well. This pull...
As we experienced in #212 there were several issues discovered with the mft library being used. It turns out a lot of the issues we have been experiencing have already...
As mentioned I have added the DataStreams field to all MFT rules as it might be handy for Zone.Identifiers since #210 has been merged now. Additionally I have worked on...
Thanks @FranticTyping for #210. This will be super useful for creating hunting rules. When testing it with hunt mode I noticed with the SmartScreen ADS it outputs in stream data...
When running chainsaw over whole triage packages the error handling is mostly correct. I.e. [!] failed to load file 'C:\Triage\C\ProgramData\Microsoft\Windows Defender\Support\MpWppTracing-20241201-170000-00000000-fffffffeffffffff.bin' - Bad signature: [0, 10, 0, 0], expected one...
**Describe the bug** As mentioned here https://github.com/KoalaBear84/OpenDirectoryDownloader/pull/114#issuecomment-1157464715 the issue occurs on URLs with # and it gets cut off. I traced this issue to DirectoryParser.cs and specifically the CleanFragments function....