2.3.0 #1104

Merged
merged 88 commits into from
Oct 16, 2024
3e6e8c4
local files, nginx
Feb 19, 2024
9d7f31c
empty clamav with -
Feb 20, 2024
1afbfd5
api test code
Feb 20, 2024
485c4ab
api test code
Feb 20, 2024
3d925d9
vt/maxmind error, update notebook
Feb 21, 2024
29de539
test https, uv
Feb 22, 2024
d3a213b
test dev build
Feb 22, 2024
fc681f6
update changelog
Feb 22, 2024
1e95539
test build
Feb 22, 2024
0f2a1cd
test dev build
Feb 22, 2024
a07f1e5
test dev build
Feb 22, 2024
88ff13f
test dev build
Feb 22, 2024
87a8251
test dev build
Feb 22, 2024
a3e51d4
multiple version
Feb 22, 2024
e7cf9f7
test dev build
Feb 22, 2024
7e6009b
python3.12 - go1.22 - ws updates
Feb 26, 2024
7003a2a
python3.12 - go1.22 - ws updates
Feb 26, 2024
7e4c1f6
#1030 update - #947 method 1
Feb 29, 2024
383dbff
update libs
Mar 4, 2024
44cbe0f
upgrade tree view
Mar 15, 2024
38c132c
fix download dump error
Mar 18, 2024
297640d
keep pip for volatility for shared install path
Mar 19, 2024
ab8ab72
plugin add fix
Mar 19, 2024
0c6a685
plugin add fix
Mar 19, 2024
4aabe06
improve plugin install, regipy plugins
Mar 21, 2024
8e2f02e
do things manually
Mar 21, 2024
cf8d31b
do things manually
Mar 22, 2024
174ba78
fix admin upload plugins
Mar 25, 2024
8460c89
#1068
Mar 26, 2024
c5db366
#1068
Mar 26, 2024
f422790
update changelog
Mar 26, 2024
5755798
#1074
Mar 27, 2024
94355c8
update action
Mar 27, 2024
90c3869
#1074
Mar 29, 2024
385a299
fix 2 py files in same plugin
Mar 29, 2024
9eaefe7
#1074
Mar 29, 2024
ba6c439
hivelist with fire_and_forget, runtimeerror
Mar 29, 2024
a70eb6f
hivelist with fire_and_forget, runtimeerror
Apr 2, 2024
fdc3f50
Add experimental support for ARM64
garanews Apr 4, 2024
be8434d
add arm64 to all linux plugins
garanews Apr 4, 2024
47caca8
#1073 - wip
Apr 4, 2024
715f4f0
Merge branch 'new' of https://github.com/LDO-CERT/orochi into new
Apr 4, 2024
f91bba4
improve create and unzip ui lock
Apr 5, 2024
9587117
fix for linux pslist dump with arm64 and update vol3 commit
garanews Apr 5, 2024
57bc3e7
Merge branch 'new' of https://github.com/LDO-CERT/orochi into new
garanews Apr 5, 2024
471d2a9
update __init__
Apr 5, 2024
940383a
integrity error
Apr 5, 2024
6d31a1c
description if available
Apr 5, 2024
2472e73
update libs, fix small issue
Apr 5, 2024
57ffcb9
update libs, fix small issue
Apr 5, 2024
be19539
#1073 wip
Apr 9, 2024
a639e87
#1073 wip
Apr 11, 2024
131cc57
#1073 wip
Apr 11, 2024
f4296b2
#1073 wip
Apr 16, 2024
dd68e37
#1073 wip
May 20, 2024
30e3535
#1073 wip
Jun 11, 2024
0703234
#1073 wip
Jun 13, 2024
f8c0099
2fa, update libs, yara-x
Jul 30, 2024
58ac078
rule filter fix
Jul 30, 2024
3db9ca2
extra settings
Jul 31, 2024
240433d
#1082
Aug 5, 2024
1323e48
#1082
Aug 5, 2024
d92cf5a
add bodyfile support for timeliner
Aug 6, 2024
9cb16a0
plot bodyfile chart
Aug 6, 2024
b8e506b
plot bodyfile chart
Aug 6, 2024
f299ac2
use go image to build dwarf2json
Aug 7, 2024
a4f89fb
fix: command variables are now in defaults.py
Aug 7, 2024
1f77aa4
update js, python libs
Aug 28, 2024
e26acd2
fix datatables filter on bookmarks
Aug 28, 2024
5a08378
add DEFAULT_FROM_EMAIL settings
Aug 28, 2024
b7a4554
add EMAIL_TIMEOUT settings
Aug 28, 2024
8914119
fix port settings
Aug 28, 2024
5ca417d
email required at signup
Aug 30, 2024
bf72c21
https support in external env
Sep 2, 2024
4a06c6e
https support in external env
Sep 2, 2024
bb6b8e0
#1102
Sep 2, 2024
29afd53
WIP: no elastic + varie
Sep 10, 2024
25b1a17
keep elastic for migration
Sep 11, 2024
8e4188e
fixes, elk migration
Sep 11, 2024
1244dc8
fix import value key
Sep 12, 2024
aed7175
offcanvas left sidebar
Sep 12, 2024
81e446a
speedup value import
Sep 19, 2024
40db320
dask status
Sep 20, 2024
5b3d9a1
#1071
Sep 23, 2024
946253a
use browser history
Sep 25, 2024
17e782f
fix diff_view path
Sep 25, 2024
16b9f81
fix new menu, update libs
Oct 16, 2024
b90df40
Merge branch 'master' into new
dadokkio Oct 16, 2024
2 changes: 2 additions & 0 deletions .env.sample
@@ -1 +1,3 @@
VERSION=latest
REDIS_VERSION=6.2.5
POSTGRES_VERSION=16.2
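Review bot: REDIS_VERSION=6.2.5 and POSTGRES_VERSION=16.2 pin exact releases while VERSION=latest on the first line stays floating, so the sample mixes two policies and the Redis pin will not pick up later 6.2.x patch releases on rebuild. Pin all three the same way, or add a comment above the two new variables saying they are the tested versions and are to be raised with each release.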
11 changes: 6 additions & 5 deletions .envs/.local/.django
Expand Up @@ -14,24 +14,21 @@ EMAIL_PORT=1025
EMAIL_USE_TLS=False
EMAIL_HOST_USER=
EMAIL_HOST_PASSWORD=
DEFAULT_FROM_EMAIL=
EMAIL_TIMEOUT=30

# Redis
# ------------------------------------------------------------------------------
REDIS_URL=redis://redis:6379/0
REDIS_SERVER=redis
REDIS_PORT=6379

# elasticsearch
# ------------------------------------------------------------------------------
ELASTICSEARCH_URL=http://es01:9200

# Dask
# ------------------------------------------------------------------------------
DASK_SCHEDULER_URL=tcp://scheduler:8786

# Orochi
# ------------------------------------------------------------------------------
MAX_ELASTIC_WINDOWS_SIZE=50000
THREAD_NO=10
AWESOME_PATH=https://raw.githubusercontent.com/InQuest/awesome-yara/master/README.md
LOCAL_YARA_PATH=/yara
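Review bot: DEFAULT_FROM_EMAIL= is left empty and uncommented, right next to EMAIL_TIMEOUT=30, which does carry a usable default. Give it a sample sender address or a one-line comment on the expected format so it is clear what value a deployment has to supply. In the same hunk REDIS_URL, REDIS_SERVER and REDIS_PORT describe one endpoint three times; a comment that they must change together would prevent drift.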
Expand All @@ -53,6 +50,10 @@ REGIPY_PLUGINS=computer_name,host_domain_name,network_drives_plugin
# ------------------------------------------------------------------------------
DEBUG_LEVEL=WARNING

# Https
# ------------------------------------------------------------------------------
HTTPS=False

# Ldap
# ------------------------------------------------------------------------------
AUTH_LDAP_SERVER_URI=
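Review bot: HTTPS=False arrives under a bare "# Https" header with nothing saying what the flag switches or when it has to be True. Add a comment listing the settings it drives and stating that False is meant for the local stack only; this release's changelog also lists Two-Factor Authentication, so an environment copied from this file should not be left serving the login flow over plain HTTP by default.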
1 change: 1 addition & 0 deletions .envs/.local/.postgres
Expand Up @@ -5,3 +5,4 @@ POSTGRES_PORT=5432
POSTGRES_DB=orochi
POSTGRES_USER=debug
POSTGRES_PASSWORD=debug
DATABASE_URL=postgresql://debug:debug@postgres:5432/orochi
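Review bot: DATABASE_URL=postgresql://debug:debug@postgres:5432/orochi repeats the user, password, port and database that POSTGRES_USER, POSTGRES_PASSWORD, POSTGRES_PORT and POSTGRES_DB already set in this file, so the password now lives in two places and the copies can drift. Build the URL from the component variables where the settings are read, or add a comment that both must be changed together and that debug:debug is for the local stack only.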
9 changes: 7 additions & 2 deletions .pre-commit-config.yaml
Expand Up @@ -4,18 +4,23 @@ fail_fast: true

repos:
- repo: https://github.com/pre-commit/pre-commit-hooks
rev: v4.5.0
rev: v4.6.0
hooks:
- id: trailing-whitespace
- id: end-of-file-fixer
- id: check-yaml

- repo: https://github.com/psf/black
rev: 24.3.0
rev: 24.10.0
hooks:
- id: black

- repo: https://github.com/timothycrosley/isort
rev: 5.13.2
hooks:
- id: isort

- repo: https://github.com/hadialqattan/pycln
rev: v2.4.0
hooks:
- id: pycln
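Review bot: the new pycln entry is pinned with rev: v2.4.0, and the two bumped hooks (v4.6.0, 24.10.0) are tags as well; pre-commit clones and runs these repositories on every contributor machine, and a tag can be moved upstream. Pin each rev to the full commit SHA with the tag kept in a trailing comment (pre-commit autoupdate --freeze writes that form).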
20 changes: 19 additions & 1 deletion CHANGELOG.md
@@ -1,6 +1,23 @@
## Changelog

<details open>
<summary><b>OROCHI 2.3.0</b></summary>

* Removed elasticsearch
* Add clamav volume to keep antivirus updated
* Recompile rules via admin command
* Add experimental support for ARM64
* Manage BodyFile file in timeliner plugin
* export/import [[#1102](https://github.com/LDO-CERT/orochi/issues/1102)]
* signal for dump/result changes are very verbose [[#1074](https://github.com/LDO-CERT/orochi/issues/1074)]
* replace drf & co. with django-ninja [[#1073](https://github.com/LDO-CERT/orochi/issues/1073)]
* Add Two-Factor Authentication [[#1099](https://github.com/LDO-CERT/orochi/issues/1099)]
* Admin: Assign multiple dumps to user [[#1082](https://github.com/LDO-CERT/orochi/issues/1082)]
* Multi-arch build and images [[#1098](https://github.com/LDO-CERT/orochi/issues/1098)]
* Custom logo in the login page [[#1083](https://github.com/LDO-CERT/orochi/issues/1083)]
</details>

<details>
<summary><b>OROCHI 2.2.0 [2024/03/26]</b></summary>

* Upload ntoskrnl.exe and generate symbol [[#1020](https://github.com/LDO-CERT/orochi/issues/1020)]
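Review bot: the "Removed elasticsearch" entry gives no upgrade guidance, although the commit list of this PR mentions keeping elastic for migration; say in the entry, or link to, what an existing 2.2.0 deployment has to do before the Elasticsearch service goes away. The new 2.3.0 summary line also lacks the bracketed release date that the 2.2.0 and 2.1.0 summaries carry.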
Expand All @@ -11,6 +28,7 @@
* Add use case example with API. [[#248](https://github.com/LDO-CERT/orochi/issues/248)]
* put custom plugins under volatility3 /plugins/ [[#1068](https://github.com/LDO-CERT/orochi/issues/1068)]
* Improve tree rendered plugins
* Execute Regipy plugins on windows images
</details>

<details>
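Review bot: "Execute Regipy plugins on windows images" is appended to the 2.2.0 section, which is already dated 2024/03/26; if the feature did not ship in that release it belongs under 2.3.0 instead. "windows" should also be capitalised.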
Expand All @@ -20,7 +38,7 @@
* Expand/Collapse folders [[#1006](https://github.com/LDO-CERT/orochi/issues/1006)]
</details>

<details open>
<details>
<summary><b>OROCHI 2.1.0 [2024/02/12]</b></summary>

* add possibility to download all symbols from a given ISF URL [[#1007](https://github.com/LDO-CERT/orochi/issues/1007)]
21 changes: 7 additions & 14 deletions compose/local/__init__.py
Expand Up @@ -14,6 +14,13 @@

import volatility3.framework.constants.linux
import volatility3.framework.constants.windows
from volatility3.framework.constants._version import (
PACKAGE_VERSION,
VERSION_MAJOR,
VERSION_MINOR,
VERSION_PATCH,
VERSION_SUFFIX,
)

PLUGINS_PATH = [
os.path.abspath(os.path.join(os.path.dirname(__file__), "..", "..", "plugins")),
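Review bot: the import takes PACKAGE_VERSION and the VERSION_* names from volatility3.framework.constants._version, an underscore-prefixed module, so this file now fails at import time against any installed volatility3 that does not ship _version. State the minimum volatility3 commit this file is built against in a comment next to the import, and make sure the image build pins that same commit.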
Expand Down Expand Up @@ -42,20 +49,6 @@
BANG = "!"
"""Constant used to delimit table names from type names when referring to a symbol"""

# We use the SemVer 2.0.0 versioning scheme
VERSION_MAJOR = 2 # Number of releases of the library with a breaking change
VERSION_MINOR = 7 # Number of changes that only add to the interface
VERSION_PATCH = 0 # Number of changes that do not change the interface
VERSION_SUFFIX = ""

# TODO: At version 2.0.0, remove the symbol_shift feature

PACKAGE_VERSION = (
".".join([str(x) for x in [VERSION_MAJOR, VERSION_MINOR, VERSION_PATCH]])
+ VERSION_SUFFIX
)
"""The canonical version of the volatility3 package"""

AUTOMAGIC_CONFIG_PATH = "automagic"
"""The root section within the context configuration for automagic values"""
