Cargo.toml
# Crate metadata for `tl`, described below as a forensic triage timeline tool.
[package]
name = "tl"
version = "0.1.0"
# Rust edition the crate is compiled with.
edition = "2021"
description = "Rapid forensic triage timeline tool"
license = "MIT"
repository = "https://github.com/SecurityRonin/tl"
authors = ["Albert Hui"]
# Runtime dependencies.
#
# Every version below is a Cargo caret requirement ("1" means >=1.0.0, <2.0.0),
# so the versions actually built are whatever Cargo.lock records. For a tool
# whose output may be used as evidence, keep Cargo.lock under version control
# and build releases with `cargo build --locked` so the dependency set is
# reproducible and reviewable.
#
# NOTE(review): most of these crates parse artifacts taken from systems under
# investigation (NTFS structures, event logs, registry hives, ESE and SQLite
# databases). That input should be treated as untrusted; running an advisory
# scanner such as `cargo audit` against Cargo.lock in CI is worth confirming.
[dependencies]
# CLI
clap = { version = "4", features = ["derive"] }
# Collection handling
# NOTE(review): if collection archives are extracted to disk, confirm entry
# names are validated before use (the zip crate offers `enclosed_name()`) and
# that decompressed size is bounded.
zip = "2"
percent-encoding = "2"
# NTFS
mft = "0.6"
ntfs = "0.4"
# Git dependency with no `rev`, `tag` or `branch`: Cargo follows the
# repository's default branch. Cargo.lock records the resolved commit, but
# `cargo update` or a build without a lockfile picks up whatever is at the
# branch head. Pinning with `rev = "<full-commit-sha>"` (placeholder) makes
# the reviewed code and the built code the same.
usnjrnl-forensic = { git = "https://github.com/SecurityRonin/usnjrnl-forensic.git" }
# Timestamps
chrono = { version = "0.4", features = ["serde"] }
nt-time = "0.8"
# TUI
ratatui = "0.29"
crossterm = "0.28"
# Data
serde = { version = "1", features = ["derive"] }
serde_json = "1"
csv = "1"
bodyfile = "0.1"
smallvec = { version = "1", features = ["serde"] }
bitflags = "2"
# Parallelism
rayon = "1"
# Search
regex = "1"
# Sigma rule parsing
# NOTE(review): serde_yaml has been marked deprecated by its upstream author
# and no longer receives fixes; confirm and plan a move to a maintained YAML
# parser, since rule files may come from third-party sources.
serde_yaml = "0.9"
glob = "0.3"
# Error handling
anyhow = "1"
thiserror = "1"
# Registry parsing
nt_hive2 = "4.2.4"
# Logging
log = "0.4"
env_logger = "0.11"
# User activity artifact parsing
cfb = "0.14.0"
# Event log parsing
evtx = "0.11"
# XML parsing
quick-xml = "0.37"
# ESE database parsing (SRUM)
libesedb = "0.2"
# Also listed under [dev-dependencies]; because it is a normal dependency
# here, it is already available to tests.
tempfile = "3"
# SQLite parsing (browser history, ActivitiesCache)
# The "bundled" feature compiles the SQLite source shipped with the crate
# instead of linking the system library, so SQLite security fixes reach this
# tool only through a rusqlite/libsqlite3-sys version bump.
rusqlite = { version = "0.32", features = ["bundled"] }
# Presumably Windows Prefetch parsing and its supporting framework, judging
# by the crate names; TODO confirm and give these their own heading.
frnsc-prefetch = "0.13.3"
forensic-rs = "0.13.1"
# Dependencies used only when building tests, examples and benchmarks.
[dev-dependencies]
# Redundant: tempfile is already declared with the same requirement under
# [dependencies], which tests can use directly.
tempfile = "3"
assert_cmd = "2"
predicates = "3"