Releases: orlikoski/CDQR

CDQR 20191226

26 Dec 17:19

Fixed export function
Updated Docker file
Updated parsers list to address issue due to fsevent parser name change

CDQR 20191128

16 Dec 03:06

Docker build updates and parser argument support for Plaso v20190916
Updated Travis build script to work with Python 3.8

CDQR 5.1.0

10 Aug 00:43
  • Adding support for
    • Plaso v20190708
  • Parser Changes
    • Refactored all existing parser lists (Windows, Linux, MacOS, DATT) for Plaso 20190708
    • Added Android parser option
  • Report Changes
    • Added following reports
      • amcache
      • bash
      • android
    • Refactored following reports
      • Web History
      • MacOS
      • Linux
      • AntiVirus
      • System Information
      • File System
    • Removed Login report
  • Updated Docker build

CDQR 5.0.0

26 Apr 23:47
79e8b22

What's New

  • Removed plaso version compatibility check
  • Added log file names for new Plaso log files
  • Changed processing view mode to None
  • Changed MFT and USNJRNL processing options
    • Removed from win parser default
    • Added --mft and --usnjrnl flags to use with win parser
    • Created mft_usnjrnl parser that only does those things
  • Added Plaso pass through for
    • artifact_filters_file
    • artifact_filters
    • artifact_definitions
    • custom_artifact_definitions
  • Made processing archives disabled by default
  • Updating README
  • Updated Version number
  • Updated Docker build for 5.0
  • Updated Helper script for 5.0
  • Source code formatting updates

CDQR 4.4.0

22 Mar 01:40

What's New

  • Added accept all defaults option
  • Minor bug fixes

CDQR 4.3.0

24 Jan 05:08

What's New

  • Completed refactor of the parsers for Plaso v20181219 and documented them at the following locations

CDQR 4.2.2

21 Jan 09:29
d28dd08

Compliance Updates

CDQR 4.2.1

06 Oct 10:28
997027b

What's New

  • Included an optional argument --ignore_archives to not extract and inspect contents of archives found inside of artifacts list or disk image

CDQR 4.2.0

04 Oct 00:48
83c8598

What's New

  • Included an optional argument -f to allow filter files to be included

CDQR 4.1.9

19 Sep 22:02

What's New

  • Flipped how the no dependencies flag works