diff --git a/bin/config.yaml b/bin/config.yaml index 3cc4df8..2804ec3 100644 --- a/bin/config.yaml +++ b/bin/config.yaml @@ -7,16 +7,30 @@ Globs: WindowsChromeProfiles: - C:\Users\*\AppData\{Roaming,Local}/BraveSoftware/Brave*/User Data - C:\Users\*\AppData\{Roaming,Local}/Google/Chrome/User Data + - C:\Users\*\AppData\{Roaming,Local}/Google/Chrome SxS/User Data + - C:\Users\*\AppData\{Roaming,Local}/Google/Chrome Beta/User Data + - C:\Users\*\AppData\{Roaming,Local}/Google/Chrome Dev/User Data + - C:\Users\*\AppData\{Roaming,Local}/Chromium/User Data - C:\Users\*\AppData\{Roaming,Local}/Microsoft/Edge/User Data + - C:\Users\*\AppData\{Roaming,Local}/Microsoft/Edge SxS/User Data + - C:\Users\*\AppData\{Roaming,Local}/Microsoft/Edge Beta/User Data + - C:\Users\*\AppData\{Roaming,Local}/Microsoft/Edge Dev/User Data - C:\Users\*\AppData\{Roaming,Local}\Opera Software\Opera Stable\ MacOSChromeProfiles: - /Users/*/Library/Application Support/BraveSoftware/Brave*/ - /Users/*/Library/Application Support/Google/Chrome/ + - /Users/*/Library/Application Support/Google/Chrome Beta/ + - /Users/*/Library/Application Support/Google/Chrome Canary/ + - /Users/*/Library/Application Support/Google/Chrome Dev/ - /Users/*/Library/Application Support/Microsoft Edge/ + - /Users/*/Library/Application Support/Microsoft Edge Beta/ + - /Users/*/Library/Application Support/Microsoft Edge Canary/ + - /Users/*/Library/Application Support/Microsoft Edge Dev/ + - /Users/*/Library/Application Support/Chromium/ WindowsFirefoxProfiles: - C:\Users\*\AppData\{Roaming,Local}\Mozilla\Firefox\Profiles LinuxFirefoxProfiles: - /home/*/.mozilla/firefox/*.default* - /home/*/snap/firefox/common/.mozilla/firefox/*.default* MacOSFirefoxProfiles: - - /Users/*/Library/Application Support/Firefox/Profiles/*.default* + - /Users/*/Library/Application Support/Firefox/Profiles diff --git a/compile/template.yaml b/compile/template.yaml index cdfef08..c1c12d8 100644 --- a/compile/template.yaml +++ b/compile/template.yaml @@ -93,7 +93,7 @@ parameters: - name: MatchFilename description: | If set we use the filename to detect the type of sqlite file. - When unset we use heristics (slower) + When unset we use heuristics (slower) type: bool default: Y @@ -116,7 +116,7 @@ parameters: default: . - name: All - description: Select all tagrgets + description: Select all targets type: bool default: Y diff --git a/definitions/Firefox_Bookmarks.yaml b/definitions/Firefox_Bookmarks.yaml index b5705f6..64dff46 100644 --- a/definitions/Firefox_Bookmarks.yaml +++ b/definitions/Firefox_Bookmarks.yaml @@ -17,7 +17,7 @@ FilenameRegex: "places.sqlite" Globs: - "{{WindowsFirefoxProfiles}}/*/places.sqlite" - "{{LinuxFirefoxProfiles}}/places.sqlite" - - "{{MacOSFirefoxProfiles}}/places.sqlite" + - "{{MacOSFirefoxProfiles}}/*/places.sqlite" Sources: - Preamble: | diff --git a/definitions/Firefox_Cookies.yaml b/definitions/Firefox_Cookies.yaml index 178f2d7..c76d90a 100644 --- a/definitions/Firefox_Cookies.yaml +++ b/definitions/Firefox_Cookies.yaml @@ -16,7 +16,7 @@ FilenameRegex: "cookies.sqlite" Globs: - "{{WindowsFirefoxProfiles}}/*/cookies.sqlite" - "{{LinuxFirefoxProfiles}}/cookies.sqlite" - - "{{MacOSFirefoxProfiles}}/cookies.sqlite" + - "{{MacOSFirefoxProfiles}}/*/cookies.sqlite" Sources: - VQL: | diff --git a/definitions/Firefox_Downloads.yaml b/definitions/Firefox_Downloads.yaml index 5fdb28c..0bbcb73 100644 --- a/definitions/Firefox_Downloads.yaml +++ b/definitions/Firefox_Downloads.yaml @@ -16,7 +16,7 @@ FilenameRegex: "downloads.sqlite" Globs: - "{{WindowsFirefoxProfiles}}/*/downloads.sqlite" - "{{LinuxFirefoxProfiles}}/downloads.sqlite" - - "{{MacOSFirefoxProfiles}}/downloads.sqlite" + - "{{MacOSFirefoxProfiles}}/*/downloads.sqlite" Sources: - VQL: | diff --git a/definitions/Firefox_Favicons.yaml b/definitions/Firefox_Favicons.yaml index a9fdb01..0ed9a7a 100644 --- a/definitions/Firefox_Favicons.yaml +++ b/definitions/Firefox_Favicons.yaml @@ -16,7 +16,7 @@ FilenameRegex: "favicons.sqlite" Globs: - "{{WindowsFirefoxProfiles}}/*/favicons.sqlite" - "{{LinuxFirefoxProfiles}}/favicons.sqlite" - - "{{MacOSFirefoxProfiles}}/favicons.sqlite" + - "{{MacOSFirefoxProfiles}}/*/favicons.sqlite" Sources: - VQL: | diff --git a/definitions/Firefox_FormHistory.yaml b/definitions/Firefox_FormHistory.yaml index 8e68769..0f1497e 100644 --- a/definitions/Firefox_FormHistory.yaml +++ b/definitions/Firefox_FormHistory.yaml @@ -17,7 +17,7 @@ FilenameRegex: "formhistory.sqlite" Globs: - "{{WindowsFirefoxProfiles}}/*/formhistory.sqlite" - "{{LinuxFirefoxProfiles}}/formhistory.sqlite" - - "{{MacOSFirefoxProfiles}}/formhistory.sqlite" + - "{{MacOSFirefoxProfiles}}/*/formhistory.sqlite" Sources: - VQL: | diff --git a/docs/content/docs/rules/ *Minibuf-1* b/docs/content/docs/rules/ *Minibuf-1* deleted file mode 100644 index ee5657d..0000000 --- a/docs/content/docs/rules/ *Minibuf-1* +++ /dev/null @@ -1 +0,0 @@ -Directory ‘/home/mic/projects/registry-hunter/docs/content/rules/’ does not exist; create? (y or n) \ No newline at end of file diff --git a/docs/content/docs/rules/# *Minibuf-1*# b/docs/content/docs/rules/# *Minibuf-1*# deleted file mode 100644 index ee5657d..0000000 --- a/docs/content/docs/rules/# *Minibuf-1*# +++ /dev/null @@ -1 +0,0 @@ -Directory ‘/home/mic/projects/registry-hunter/docs/content/rules/’ does not exist; create? (y or n) \ No newline at end of file