Releases v0.8.0
v0.8.0 - 2024-03-18
Added
Support for querying any SQLITE database via artemis API
macOS Spotlight parser!
Optional args to all Linux artifacts
Windows XPRESS decompression support without API calls. Decompression code from https://github.com/ForensicRS/frnsc-prefetch project (MIT)
Changed
Updates to webui
Made most Windows artifacts use alt_file or alt_dir arguements. Removed alt_drive options for most artifacts
Combined all supported forensic artifacts. Can parse all supported forensic artifacts on any OS that can run artemis
Fixed
Issue where artemis would fail to parse NTFS $SDS file data
Dependencies
ArtemisApi
Support for querying macOS TCC.db files
Support for parsing RPM sqlite database
Updated UnifiedLog macOS support
Support for querying Chromium Cookies database
Support for querying Chromium Autofill database
Support for querying Firefox Cookies database
Support for parsing Chromium bookmarks
Support for parsing VSCode extensions
Parse some macOS Xprotect entries
You can’t perform that action at this time.
