Skip to content

Dependencies

Jump to bottom
Joachim Metz edited this page Jun 1, 2017 · 15 revisions

Notes on other projects depending on artifact definitions

GRR

https://github.com/google/grr/blob/master/grr/config/artifacts.py

  • LinuxHardwareInfo
  • LinuxRelease
  • LinuxUserProfiles
  • MacOSUsers (legacy: OSXUsers)
  • OSXSPHardwareDataType
  • RootDiskVolumeUsage
  • WindowsCodePage (legacy: WinCodePage)
  • WindowsDomainName (legacy: WinDomainName)
  • WindowsEnvironmentVariableAllUsersAppData (legacy: AllUsersAppDataEnvironmentVariable)
  • WindowsEnvironmentVariableAllUsersProfile (legacy: AllUsersProfileEnvironmentVariable)
  • WindowsEnvironmentVariablePath (legacy: WinPathEnvironmentVariable)
  • WindowsEnvironmentVariableProgramFiles (legacy: ProgramFiles)
  • WindowsEnvironmentVariableProgramFilesX86 (legacy: ProgramFilesx86)
  • WindowsEnvironmentVariableSystemDrive (legacy: SystemDriveEnvironmentVariable)
  • WindowsEnvironmentVariableSystemRoot (legacy: SystemRoot)
  • WindowsEnvironmentVariableTemp (legacy: TempEnvironmentVariable)
  • WindowsEnvironmentVariableWinDir (legacy: WinDirEnvironmentVariable)
  • WindowsRegistryCurrentControlSet (legacy: CurrentControlSet)
  • WindowsRegistryProfiles
  • WindowsTimezone (legacy: WinTimeZone)
  • WindowsUserShellFolders (legacy: UserShellFolders)
  • WMIAccountUsersDomain
  • WMIComputerSystemProduct
  • WMILogicalDisks
  • WMIProfileUsersHomeDir

https://github.com/google/grr/endtoend_tests/artifacts.py

  • WindowsEnvironmentVariablePath (legacy: WinPathEnvironmentVariable)
  • WindowsEnvironmentVariableTemp (legacy: TempEnvironmentVariable)
  • WindowsEnvironmentVariableWinDir (legacy: WinDirEnvironmentVariable)
  • WindowsUserShellFolders (legacy: UserShellFolders)

https://github.com/google/grr/blob/master/grr/lib/artifact_test.py

  • LinuxPasswdHomedirs
  • LinuxRelease
  • LinuxWtmp
  • MacOSUsers (legacy: OSXUsers)
  • NetgroupConfiguration
  • NssCacheLinuxPasswdHomedirs

https://github.com/google/grr/blob/master/grr/lib/artifact_utils_test.py

  • MacOSUsers (legacy: OSXUsers)

https://github.com/google/grr/blob/master/grr/parsers/cron_file_parser.py

  • LinuxCronTabs
  • MacOSCronTabs (legacy: OSXCronTabs)

https://github.com/google/grr/blob/master/grr/lib/flows/general/artifact_fallbacks_test.py

  • WindowsEnvironmentVariableSystemRoot (legacy: SystemRoot)

https://github.com/google/grr/blob/master/grr/lib/flows/general/collectors_core_artifacts_test.py

  • WindowsEnvironmentVariableSystemDrive (legacy: SystemDriveEnvironmentVariable)
  • WindowsEnvironmentVariableSystemRoot (legacy: SystemRoot)
  • WindowsEnvironmentVariableWinDir (legacy: WinDirEnvironmentVariable)

https://github.com/google/grr/blob/master/grr/lib/flows/general/filesystem.py

  • WindowsEnvironmentVariableSystemRoot (legacy: SystemRoot)

https://github.com/google/grr/blob/master/grr/parsers/osx_file_parser.py

  • MacOSLaunchAgentsPlistFiles (legacy: OSXLaunchAgents, OSXLaunchAgentsPlistFiles)
  • MacOSLaunchDaemonsPlistFiles (legacy: OSXLaunchDaemons, OSXLaunchDaemonsPlistFiles)
  • OSXSPHardwareDataType
  • MacOSUsers (legacy: OSXUsers)

https://github.com/google/grr/blob/master/grr/parsers/windows_registry_parser.py

  • WindowsCodePage (legacy: WinCodePage)
  • WindowsEnvironmentVariableAllUsersAppData (legacy: AllUsersAppDataEnvironmentVariable)
  • WindowsEnvironmentVariablePath (legacy: WinPathEnvironmentVariable)
  • WindowsEnvironmentVariableTemp (legacy: TempEnvironmentVariable)
  • WindowsEnvironmentVariableWinDir (legacy: WinDirEnvironmentVariable)
  • WindowsRegistryCurrentControlSet (legacy: CurrentControlSet)
  • WindowsUserShellFolders (legacy: UserShellFolders)

Plaso (log2timeline)

Clone this wiki locally