Skip to content

Releases: DFIR-ORC/dfir-orc

v10.0.10

09 Apr 17:10
@jgautier-anssi jgautier-anssi
v10.0.10
77cb202
This commit was signed with the committer’s verified signature.
fabienfl-orc fabienfl
GPG key ID: 38B0D7BBDDF38C4C
Learn about vigilant mode.
Compare
Choose a tag to compare
v10.0.10

Changes:

  • 77cb202 Merge branch 'dev'
  • 53973a4 vcpkg: update for fix on libressl patch

This list of changes was auto generated.

Assets 10
Loading

v10.0.9

19 Mar 16:49
@jgautier-anssi jgautier-anssi
v10.0.9
b5f71fa
This commit was signed with the committer’s verified signature.
fabienfl-orc fabienfl
GPG key ID: 38B0D7BBDDF38C4C
Learn about vigilant mode.
Compare
Choose a tag to compare
v10.0.9

Changes:

  • b5f71fa Merge branch 'dev'
  • 533f27c Update azure-pipelines.yml for Azure Pipelines
  • 81dfe67 Revert "OrcLib: CsvFileWriter: fix access violation with write buffer"
  • 477c9c4 OrcCommand: GetThis: fix missing matching ADS
  • 4c408be OrcCommand: GetThis: fix ignored option 'compression'
  • f5e20a0 OrcCommand: GetThis: fix extra HashStream made
  • b7a55e3 OrcCommand: GetThis: fix offlimit hash always done even if hash=""
  • 15b68aa OrcCommand: GetThis: fix hash option parsing
  • 72772c4 OrcCommand: UtilitiesMain: make logger L mutable for const methods
  • 6c7a97b OrcCommand: GetThis: clang-format
See More
  • 8b4b5b2 OrcLib: TableOutputWrite: WriteToFile: add fs::path support
  • 58a89b1 OrcLib: ZipCreate: accept empty string for compression level
  • f5d5db3 OrcLib: ArchiveAgent: handle optional archive password
  • 26e884e OrcLib: FileStream: remove unneeded checks
  • 62002bf OrcLib: ArchiveCreate: add wrapper to handle fs::path
  • 9ebc08c OrcLib: ArchiveUpdateCallback: remove loop
  • 597eea0 OrcLib: ArchiveUpdateCallback: replace dynamic cast with visitor pattern
  • c9578b1 OrcLib: add visitor pattern to ByteStream
  • df2059e Merge branch 'dev'
  • 2150b5e vcpkg: fix libressl for windows xp
  • ddc4834 OrcCommand: GetThis: replace yara rules delimiter with ';'
  • 1d3f261 OrcOptRowColumnLib: fix missing header
  • 7a034b1 Merge branch 'fabienfl/68_getthis_speed_optimization' into dev
  • 6b57208 OrcCommand: GetThis: optimize "sample name" container for lookup
  • 100356e OrcCommand: GetThis: optimize "already seen sample" container for lookup
  • 26a082f OrcLib: GetThis: optimize comparison method
  • 7ce76eb OrcCommand: GetThis: fix empty hash option
  • 284d3f1 keep only string_view overloads
  • f76dbea Merge branch 'dev' of ssh://certfr-tfs.cossi.internet:22/tfs/CERT-FR/_git/dfir-orc into dev
  • ca5e204 Avoid using default LogWriter when creating a stream to Log to (LogToStream). It would raise an expection from concurrency runtime (locks cannot be rentered). This is temporary fix until the spdlog overhaul
  • 6df96aa Merge branch 'master' into dev
  • 00fa286 Merge branch 'dev'
  • 9953e26 OrcLib: Authenticode: fix memory leak
  • 3b12f88 OrcLib: Authenticode: simplify catalog context cleaning
  • 5884a8c Removing concurrent dead code
  • 4fa88d2 Less includes
  • 8fd9baf Update vcpkg
  • 6154757 Merge branch 'dev' of ssh://certfr-tfs.cossi.internet:22/tfs/CERT-FR/_git/dfir-orc into dev
  • e23c970 include windows.h instead of winnt.h
  • 6baa1d5 Update README.md to reflect addition of ORC_BUILD_COMMAND
  • 5b4f2c3 Add option to avoid compiling OrcCommand (when only OrcLib is necessary for instance)
  • ec77e63 Merge branch 'master' into dev
  • 0c2892a Merge branch 'dev'
  • 568119f OrcLib: libpehash-peutils: fix read access violation when parsing PE
  • 2732bd0 OrcLib: PEInfo: fix possible high mem usage with corrupted PE headers
  • 871ab61 OrcLib: Authenticode: fix memory leak on HCERTSTORE
  • 009a785 Merge branch 'master' into dev
  • f859af1 Merge branch 'dev'
  • 168af05 cmake: fix possible build failure depending on path
  • db55e1d Merge branch 'master' into dev
  • 8a0f32b Merge branch 'dev'
  • c68d353 OrcLib: CsvFileWriter: fix access violation with write buffer
  • c80a3af OrcLib: WinApiHelper: fix warning with missing cast
  • 6a0dce8 cmake: GitInfo: parse semver string to define major, minor, patch
  • 943fa9a cmake: GitInfo: rename functions and fix description
  • 8cd2abc remove inline statement
  • 0274d2a NtfsInfo: fix timestamp column
  • b6b5409 Fix endless loop in NTFSUtil
  • e32b3ff OrcCommand: WolfLauncher: fix 'offline' option
  • 508732f OrcCommand: fix unescaped spaces in argv when creating child process
  • ab274f4 Orc: add option to configure meta product name/version
  • 6f6cbbb tools: rcedit: change log level from debug to error
  • db9a3aa OrcCommand: add OrcCommand.rc
  • db95799 add option to customize orc and fastfind icon
  • 71c3a39 Added desired file name for extension libraries
  • 2d8cd5b Adding support NTFSUtil /BitLocker to display BitLocker metadata
  • 9e9536c Nicer tool enumeration
  • 1fa827d Merge remote-tracking branch 'origin/dev'
  • 834c2ad Improve Apache Orc support
  • bae7c9b Align message correctly
  • 22ae36f All columns can be omitted (and have null values). Arrow does not tolerate this error anymore.
  • b06db83 Fix VolumeID column type
  • 3732e79 OrcParquet: Add OrcParquet.dll to ressources when Parquet is enabled
  • 0308d07 FileInfo: Fix error message arg
  • 81fc633 Merge branch 'github#13/csv_escape_quote' into dev
  • 4ca3edd OrcLib: CsvFileWriter: Unescaped double quote characters in csv files [ #13, windows/dfir-orc#24 ]
  • f5320d8 Revert "OrcLib: add FmtFormatter/EscapeQuote.h"
  • d509c80 OrcLib: add FmtFormatter/EscapeQuote.h
  • 88a3e9f OrcLib: Buffer: fix push_back(_T&&)
  • 2932b30 Fix usage output for available tools
  • 19749e1 Fix FRN/USN/VolumeId format string
  • 2733124 tools: rcedit: set default log level to 'info'
  • ca8ab1f OrcCommand: ToolVersion: optimize compilation
  • 91c1161 cmake: GitInfo: add option to define .git directory
  • e22b63b cmake: handle 'install' command
  • f2294f6 cmake: move version parsing closer to GitInfo call
  • 744206f cmake: GitInfo: add '--always' to SEMANTIC_VERSION to be always successful
  • 1c886ff cmake: add default version to 0 when tag is not found
  • 2d8ea15 cmake: GitInfo: use default 'git describe' hash length
  • c1dba49 OrcCommand: update PrintHeader display
  • eef127c rename version preprocessor variables
  • 52f0a8b OrcCommand: ToolVersion: fill version with git tag
  • 50f5430 OrcCommand: rename 'ToolVersion.h' to 'ToolVersion.h.in'
  • ed8b4cc cmake: add GitInfo.cmake
  • 28c5ea9 cmake: vcpkg: add option VCPKG_OVERLAY_TRIPLETS
  • 223a0e1 cmake: vcpkg: add option OVERLAY_PORTS
  • 6fdd784 cmake: vcpkg: upgrade package on install without NO_UPGRADE option
  • 21cecf0 cmake: vcpkg: cache CMAKE_TOOLCHAIN_FILE value instead of PARENT_SCOPE
  • 41f3623 cmake: vcpkg: cache VCPKG_TARGET_TRIPLET value instead of PARENT_SCOPE
  • fddaeae vcpkg: remove build option from vcpkg_install
  • e5ef809 vcpkg: update submodule
  • d739c10 OrcParquetLib: fix build with 0.15.1
  • 07981e8 cmake: OrcLib: fix missing target dependency
  • fb17bbc tools: publish: remove directory
  • 8145ca3 vcpkg: update to 2019.11
  • a58087d FastFind: add target architecture in output filename
  • b7bbc2a cmake: enforce building with correct toolchain
  • 31d92d0 OrcCommand: ToolEmbed: fix usage
  • eb4c132 Fix typos ...
Read more
Assets 10
Loading