Releases: WithSecureLabs/chainsaw

v2.16.0

@github-actions github-actions released this 09 May 10:08
b3d6a94

This release contains the following changes of note:

  • Adds an EVTX summary command (#231)
  • Brings in some fixes from the MFT library (#211)

v2.15.0

@github-actions github-actions released this 27 Apr 16:48
3069843

This release contains the following changes of note:

  • A new type of analysis, gap analysis, which looks for potential gaps in event logs, thanks to @Fuzzdkk (#228).
  • Bumps dependencies.

v2.14.1

@github-actions github-actions released this 14 Feb 18:25
39f9e40

This release contains the following changes of note:

  • Aligns release and tagging numbers for downstream pipelines.

v2.14.0

@github-actions github-actions released this 14 Feb 12:40
46a238a

This release contains the following changes of note:

  • Handles multiple separate Sigma rules in a single file (#223)
  • Updates to use the new version of the evtx library

v2.13.1

@github-actions github-actions released this 07 Oct 19:39
8462fa2

This release contains the following changes of note:

  • Fixes datetime parsing when hunting/searching MFTs.

v2.13.0

@github-actions github-actions released this 04 Oct 10:12
ff392fa

This release contains the following changes of note:

  • Replaces dead upstream libraries with downstream replacements
    • Handles the bitrot in notatin
    • Applies bug fix PRs and handles bitrot in mft

v2.13.0-beta.0

Pre-release

@github-actions github-actions released this 20 Aug 19:19
3981b32

This release contains the following changes of note:

  • Replaces dead upstream libraries with downstream replacements
    • Handles the bitrot in notatin
    • Applies bug fix PRs and handles bitrot in mft

v2.12.0-1

@github-actions github-actions released this 22 Mar 12:51
d93f368

This release contains the following changes of note:

  • See v2.12.0; this just fixes CI/CD bitrot...

v2.12.0

@github-actions github-actions released this 22 Mar 12:25
70c3268

This release contains the following changes of note:

v2.11.0

@FranticTyping FranticTyping released this 28 Dec 18:22

This release contains the following changes of note:

  • Improvements to the MFT parser, allowing data streams to be extracted, decoded and written to disk.
  • Decoded MFT data streams can now be queried via the Search command and via the Hunt command.

Additional information in the related PR: #210

This release addresses #190 #191. Thanks to @IppSec for the suggestion.