DRAKVUF Sandbox v0.19.0-alpha1

Changelog: TBD

Full Changelog: v0.18.2...v0.19.0-alpha1

DRAKVUF Sandbox v0.18.2

Installation guide: See Getting started section in documentation.

Warning: Building package for Debian Bullseye doesn't work.

Changelog:
TBD

DRAKVUF Sandbox v0.18.1

Installation guide: See Getting started section in documentation.

Warning: Importing snapshot to ZFS storage doesn't work. Fixed in #666 😈 (release v0.18.2 soon...)

Changelog:

• drakrun: Ensure OS_INFO.json exists before accessing it (#658) (#661)

DRAKVUF Sandbox v0.18.0 Adiós Edition

Installation guide: See Getting started section in documentation.

Warning: Upgrading from previous version may fail with missing OS_INFO.json.

Changelog:

• Update shadow_memory to 32 (#649) (contributed by @manorit2001)
• Add analysis_uid to metadata.json (#647)
• Add root check before sanity test (#640) (contributed by @manorit2001)
• Add ApiScout profile to do_export_full and do_import_full (#630)
• Bump snapshot version for generating OS_INFO.json (#643)
• drakrun: Add missing T_64PCHAR pdbparse base_types (#642) (contributed by @Jack28)
• drakrun: Dump raw guest VM memory feature (#621) (contributed by @pavveu7)
• Add missing advapi32.dll in drakpdb.py (#631)
• drakrun: Add apiscout profiles (#625)
• debian: Install systemd units to /lib/systemd (#628)
• draksetup: Check for missing default.target.wants (#617)
• Fix GUID_AGE in $METADATA (#618)
• drakrun, drakcore: Reraise exceptions for karton (#616)
• Extract macros only from some office formats (#610)
• Stop relying on NtTerminateProcess in pstree (#607)
• drakrun: Silence benign errors (#606)
• Improve help messages (#612, #645)

DRAKVUF Sandbox v0.18.0-rc2

DRAKVUF Sandbox v0.18.0-rc2 (#652)

DRAKVUF Sandbox v0.17.2

Changelog:

• Fixed RTF file analysis (#610)

DRAKVUF Sandbox v0.17.1

Changelog:

• Silenced sample errors (#606)
• Fixed process tree generation (#607)

DRAKVUF Sandbox v0.17.0

Installation guide: See Getting started section in documentation.

Changelog:

• Introduced arch-based prefixes to profile names (#600)
• Rewrtitten process tree generation in postprocess (#599)
• Updated usage report domain (#592)
• Fixed running VBS scripts (#588)
• Added run command to drakplayground (#586)
• Added support for ppt, pptx, js and hta extensions (#583)
• API hammering values are now correctly handled (#582)
• Removed metadata.json from analysis tasks and added metadata as payload (#573, #575)
• Removed dependency on ntfs-3g (#572)
• Separated DLL profiles into compulsory and optional (#564)
• Implemented unit tests for VM class (#496)
• Added sanity checks to sample extension handling (#545)
• Added plugin list to analysis metadata (#565)
• Fixed qcow2 handling in draksetup (#567)
• Allow starting analysis without any plugins enabled (#561)
• Added new commands - mount and help to drakplayground (#555)
• Updated recommended Xen flags (#544)
• Fixed bullet point rendering in docs (#552)
• Ensure that postprocess doesn't generate empty resources (#550)
• Removed unused --json-combase from DRAKVUF command ine (#540)
• Updated dates in web UI footer (#537)

DRAKVUF Sandbox v0.17.0-rc2

Bump DRAKVUF (#593)

DRAKVUF Sandbox v0.16.1

Installation guide: See Basic installation section in README.md.

Changelog:

• c3rb3ru5d3d53c - Remove --json-combase from DRAKVUF command line (#540)
• Hubert Jasudowicz - Bump DRAKVUF (#533)
• Hubert Jasudowicz - scripts: Add bump_version.py (#532)
• Konstanty Cieśliński - apply new, more generic analysis format (#503)
• Adam Kliś - Fix procdot graph generation issue (#531)
• Hubert Jasudowicz - Bump version to 0.16.0 (#530)
• Hubert Jasudowicz - drakpdb: Add ImageBase to profiles (#529)
• Hubert Jasudowicz - drakpdb: Add GdiPlus (#527)
• Hubert Jasudowicz - scripts: Add split_log.sh (#525)
• Hubert Jasudowicz - e2e: Depend on drakcore being up when contacting drak-web (#528)
• Hubert Jasudowicz - drakcore: Bump msql to 1.2.2 (#526)
• Hubert Jasudowicz - drakrun: Attach profiles to analyses (#504)
• Hubert Jasudowicz - examples: Remove unused imports from consumer.py (#522)
• Hubert Jasudowicz - drakrun: Sort plugin list (#521)
• Hubert Jasudowicz - draksetup: Cleanup kernel PDB file (#519)
• Hubert Jasudowicz - drakpdb: Fix profile generation for a few PDBs (#518)
• Michał Leszczyński - drakcore: fix drak-gen-ptxed, unregister it from postprocessing (#517)
• Michał Leszczyński - ipt: add missing cmdline option (#516)
• Michał Leszczyński - drakrun: fix IPT support (#512)
• Michał Leszczyński - drakrun: increase injection timeout to 60 seconds (#514)
• Michał Leszczyński - drakvuf: include codemon fix (#513)
• Michał Leszczyński - drakrun: more verbosity (#511)
• Michał Leszczyński - README: Add organization logos (#507)
• Michał Leszczyński - bump DRAKVUF to ipt-enabled version (#506)
• Manorit Chawdhry - drakrun: fix and add network tests (#481)
• Manorit Chawdhry - drakrun: regression docs improvement (#505)
• Manorit Chawdhry - drakrun: LVM backend unit tests (#480)
• Hubert Jasudowicz - drakrun: Dump regression tester (#500)
• Hubert Jasudowicz - Bump karton to 4.2.0 (#501)
• Michał Leszczyński - drakrun: add config.ini option for enabling anti-API hammering (#494)
• Hubert Jasudowicz - drakrun: Fix test mode (#499)
• Manorit Chawdhry - drakrun: usermode profile generation using Injector (#486)
• Hubert Jasudowicz - drakrun: Add missing symlink to drakplayground (#493)
• Hubert Jasudowicz - drakcore: Remove drak-archiver (#491)
• Hubert Jasudowicz - drakrun: Add support for test analyses (#489)
• Hubert Jasudowicz - playground: Fix cleanup call (#488)
• Michał Leszczyński - ci: fix package builds (#487)