-
CIRCL offers a free and best-effort API to lookup hashes called [hashlookup](https://hashlookup.circl.lu/) from known sources such as NSRL. There is an OpenAPI interface. It might be useful for Shuffl…
-
While troubleshooting https://github.com/log2timeline/plaso/issues/1036 ran into following issue:
```
Traceback (most recent call last):
File "tools/psort.py", line 869, in
if not Main():…
-
The Docker pipeline in scanpipe should be extended to analyze Windows Docker images in the same way we analyze Debian Docker images. Since Windows does not use a central package manager or any other t…
-
While trying to import the latest NSRL database, IPED 3.18.6 returned a NullPointer Exception error.
Debugging the KFFTask.java class I've noticed that there is no check for Null values, which caus…
-
There is no interface to import and process generic hashsets.
-
Currently, files found in NSRL and not tagged in NSRL nor listed in KFFTaskConfig.txt as "alert" are tagged as "ignorable". That may not be true depending on use case. Furthermore, that makes updating…
-
Adding new files to NSRL KFF database is slow and not so easy.
Is it possible to create a functionality to import a list of hashes from a CSV file, to create a custom KFF database?
The funcionalit…
-
**Describe the bug**
Somewhere between 1.3.24 and 1.4.0 the treatment of empty tuples used with `in_` changed. In 1.3.x, an empty tuple was omitted from the compiled query. In 1.4.x, I see that the…
-
Currently if more than one program points to the same hash in NSRL (e.g. some common dll library), just the last reference is stored in the current database. We should store all hash occurrences.
W…
-
Not sure if it was dealed in another issue, but I want to know if the latest version of LED (1.29) is incompatible to IPED? Tried to run some processing using it, but got some errors. If it is, I woul…