
2.7.0

@wagga40 wagga40 released this 27 Mar 11:34
· 113 commits to master since this release

What's new in v2.7.0:

  • Initial Auditd logs support
  • Initial rules with regex support
  • Colorized output for rule level
  • Updated rules and docs

⚠️ I will probably remove the embedded versions in favor of DFIR ORC packaged versions.

What to download?

  • [RECOMMENDED] Binaries with "nuitka" in their names were generated with Nuitka and are supposedly faster (but larger in size)
  • Binaries with "embedded" in their names are self-contained and do not need external files to work (not even ruleset files)
  • Binaries for Windows 7 have "win7" in their names. Other releases may not work on Windows 7

⚠️ Some AV products may flag the packaged binaries. The nuitka versions are generally considered OK by most AV products.
⚠️ The set of tests for the Windows binaries is far from exhaustive; please create an issue if you encounter difficulties.