
2.9.0

@wagga40 wagga40 released this 26 Jul 08:39
· 106 commits to master since this release

What's new in v2.9.0:

  • The mini-GUI now includes a timeline view (check the screenshot here)
  • You can now use multiple rulesets by using --ruleset or -r multiple times
  • Fixed a bug with CSV output
  • Fixed a bug with the --limit parameter
  • Removed embedded version related code and formatting. Please use DFIR-ORC if you want an embedded version (docs here).

Known issues

  • For users with an Apple Silicon computer: please use --noexternal to prevent the use of evtx_dump external binaries

⚠️ Some AV may not like the packaged binaries.
⚠️ The set of tests for Windows binaries is far from exhaustive; please create an issue if you encounter difficulties.