Releases: SolitudePy/LFC
LFC v1.2.0
The following major features were added:
- TCP Streaming: Stream collected artifacts directly to a remote destination over TCP, eliminating the need for local storage.
Minor features
- osqueryi-path [custom osqueryi path]
- dynamic hostname_timestamp OUTPUT_DIR
- new artifacts (cron.[allow|deny], /etc/ld.so.preload)
Full Changelog: v1.1.0...v1.2.0
v1.1.0
LFC v1.1.0
The following features were added:
- Osquery Integration: Leverages osquery for flexible and structured system data collection.
- More comprehensive logging
Full Changelog: v1.0.0...v1.1.0
v1.0.0
First release of LFC v1.0.0 with the following features:
- Rapid Execution: Ensures timely data acquisition during critical incidents.
- Comprehensive System Enumeration: Gathers extensive details about hardware, OS, kernel, installed packages, active services, disk configurations, environment variables, system logs, and user activities.
- In-depth Process Analysis: Provides detailed process listings, hierarchical trees, detection of deleted binaries, memory mapping, and file descriptor information, leveraging the /proc filesystem.
- Thorough Network Forensics: Captures network interface configurations, active connections, routing tables, firewall rules, and socket information.
- Timeline Generation: Creates a TSK v3 compatible bodyfile for chronological event analysis.
- Executable Integrity Verification: Performs SHA256 hashing of all executable files to ensure integrity.