Added WindowsMountedDevices definition (#442)

ForensicArtifacts · Nov 7, 2021 · b3b6577 · b3b6577
1 parent 7e2ddcc
commit b3b6577
Show file tree

Hide file tree

Showing 6 changed files with 22 additions and 13 deletions.
diff --git a/artifacts/__init__.py b/artifacts/__init__.py
@@ -1,4 +1,4 @@
 # -*- coding: utf-8 -*-
 """ForensicArtifacts.com Artifact Repository."""
 
-__version__ = '20211012'
+__version__ = '20211107'
diff --git a/config/dpkg/changelog b/config/dpkg/changelog
@@ -1,5 +1,5 @@
-artifacts (20211012-1) unstable; urgency=low
+artifacts (20211107-1) unstable; urgency=low
 
   * Auto-generated
 
- -- Forensic artifacts <forensicartifacts@googlegroups.com>  Tue, 12 Oct 2021 21:04:48 +0200
+ -- Forensic artifacts <forensicartifacts@googlegroups.com>  Sun, 07 Nov 2021 17:26:29 +0100
diff --git a/data/windows.yaml b/data/windows.yaml
@@ -1381,6 +1381,14 @@ urls:
 - 'http://www.trendmicro.com/vinfo/us/threat-encyclopedia/malware/troj_ransom.smc7'
 - 'https://www.symantec.com/security_response/writeup.jsp?docid=2014-092314-3644-99&tabid=2'
 ---
+name: WindowsMountedDevices
+doc: Windows mounted devices
+sources:
+- type: REGISTRY_KEY
+  attributes: {keys: ['HKEY_LOCAL_MACHINE\System\MountedDevices']}
+supported_os: [Windows]
+urls: ['https://winreg-kb.readthedocs.io/en/latest/sources/system-keys/Mounted-devices.html']
+---
 name: WindowsMSDTCDLLs
 doc: Windows MSDTC attempts to load these DLLs on start
 sources:

diff --git a/docs/requirements.txt b/docs/requirements.txt
@@ -1,5 +1,5 @@
 docutils
 recommonmark
-sphinx >= 2.0.1,< 4.1.0
+sphinx >= 4.1.0
 sphinx-markdown-tables
 sphinx-rtd-theme >= 0.5.1
diff --git a/docs/sources/background/Stats.md b/docs/sources/background/Stats.md
@@ -3,24 +3,24 @@
 The artifact definitions can be found in the [data directory](https://github.com/ForensicArtifacts/artifacts/tree/main/data)
 and the format is described in detail in the [Style Guide](https://artifacts.readthedocs.io/en/latest/sources/Format-specification.html).
 
-Status of the repository as of 2021-10-12
+Status of the repository as of 2021-11-07
 
 Description | Number
 --- | ---
-Number of artifact definitions: | 577
-Number of file paths: | 1222
-Number of Windows Registry key paths: | 679
+Number of artifact definitions: | 580
+Number of file paths: | 1234
+Number of Windows Registry key paths: | 680
 
 ### Artifact definition source types
 
 Identifier | Number
 --- | ---
-ARTIFACT_GROUP | 24
+ARTIFACT_GROUP | 23
 COMMAND | 9
 DIRECTORY | 14
-FILE | 319
+FILE | 322
 PATH | 8
-REGISTRY_KEY | 53
+REGISTRY_KEY | 54
 REGISTRY_VALUE | 124
 WMI | 26
 
@@ -41,13 +41,14 @@ Authentication | 19
 Browser | 28
 Cloud | 2
 Cloud Storage | 4
-Configuration Files | 47
+Configuration Files | 48
+Containerd | 2
 Docker | 2
 External Media | 2
 ExternalAccount | 3
 Hadoop | 1
 History Files | 3
-Logs | 49
+Logs | 50
 Mail | 15
 Network | 17
 Software | 43

diff --git a/utils/update_version.sh → utils/update_release.sh b/utils/update_version.sh → utils/update_release.sh