Merge pull request #1226 from mandiant/package-update

🤖 Package update
mandiant · Jan 22, 2025 · a34d650 · a34d650
2 parents 8f070c2 + 1bf7e7c
commit a34d650
Show file tree

Hide file tree

Showing 30 changed files with 52 additions and 52 deletions.
diff --git a/packages/apktool.vm/apktool.vm.nuspec b/packages/apktool.vm/apktool.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>apktool.vm</id>
-    <version>2.10.0</version>
+    <version>2.11.0</version>
     <authors>Connor Tumbleson, Ryszard Wisniewski</authors>
     <description>A tool for reverse engineering 3rd party, closed, binary Android apps.</description>
     <dependencies>

diff --git a/packages/apktool.vm/tools/chocolateyinstall.ps1 b/packages/apktool.vm/tools/chocolateyinstall.ps1
@@ -15,8 +15,8 @@ try {
 
   # Download apktool.jar
   $toolPath = Join-Path $rawToolPath "$toolName.jar"
-  $toolSource = 'https://github.com/iBotPeaches/Apktool/releases/download/v2.10.0/apktool_2.10.0.jar'
-  $toolChecksum = "c0350abbab5314248dfe2ee0c907def4edd14f6faef1f5d372d3d4abd28f0431"
+  $toolSource = 'https://github.com/iBotPeaches/Apktool/releases/download/v2.11.0/apktool_2.11.0.jar'
+  $toolChecksum = "8fdc17c6fe2e6d80d71b8718eb2a5d0379f1cc7139ae777f6a499ce397b26f54"
   Get-ChocolateyWebFile -PackageName $toolName -FileFullPath $toolPath -Url $toolSource -Checksum $toolChecksum -ChecksumType "sha256"
   VM-Assert-Path $toolPath
 

diff --git a/packages/bytecodeviewer.vm/bytecodeviewer.vm.nuspec b/packages/bytecodeviewer.vm/bytecodeviewer.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>bytecodeviewer.vm</id>
-    <version>2.12</version>
+    <version>2.13.0</version>
     <authors>Konloch</authors>
     <description>A lightweight user-friendly Java/Android Bytecode Viewer, Decompiler and more.</description>
     <dependencies>

diff --git a/packages/bytecodeviewer.vm/tools/chocolateyinstall.ps1 b/packages/bytecodeviewer.vm/tools/chocolateyinstall.ps1
@@ -4,7 +4,7 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'Bytecode Viewer'
 $category = 'Java & Android'
 
-$exeUrl = 'https://github.com/Konloch/bytecode-viewer/releases/download/v2.12/Bytecode-Viewer-2.12.jar'
-$exeSha256 = 'dc5f6669409d7d0bbba40c735875a39960c1777f11bb13a1819bb12917808c5c'
+$exeUrl = 'https://github.com/Konloch/bytecode-viewer/releases/download/v2.13.0/Bytecode-Viewer-2.13.0.jar'
+$exeSha256 = 'ea82b3e7ea3149fbe467cbb9a5fd8d69f907ccbe32437fcba577149f9c858960'
 
 VM-Install-Single-Exe $toolName $category $exeUrl -exeSha256 $exeSha256
diff --git a/packages/chainsaw.vm/chainsaw.vm.nuspec b/packages/chainsaw.vm/chainsaw.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>chainsaw.vm</id>
-    <version>2.10.1</version>
+    <version>2.11.0</version>
     <authors>WithSecure Labs</authors>
     <description>Chainsaw provides a powerful 'first-response' capability to quickly identify threats within Windows forensic artefacts such as Event Logs and the MFT file.</description>
     <dependencies>

diff --git a/packages/chainsaw.vm/tools/chocolateyinstall.ps1 b/packages/chainsaw.vm/tools/chocolateyinstall.ps1
@@ -4,8 +4,8 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'chainsaw'
 $category = 'Forensic'
 
-$zipUrl = 'https://github.com/WithSecureLabs/chainsaw/releases/download/v2.10.1/chainsaw_all_platforms+rules.zip'
-$zipSha256 = '767c13000cca26adb23f3f320d2bd3fef78977ea50389658c1d5be941a90881e'
+$zipUrl = 'https://github.com/WithSecureLabs/chainsaw/releases/download/v2.11.0/chainsaw_all_platforms+rules.zip'
+$zipSha256 = 'a67f1fbd57efa02c281cad892b9e0b6f90ccc99035961935048191d055a543b7'
 
 $executableName = $toolName + "_x86_64-pc-windows-msvc.exe"
 

diff --git a/packages/cygwin.vm/cygwin.vm.nuspec b/packages/cygwin.vm/cygwin.vm.nuspec
@@ -2,12 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>cygwin.vm</id>
-    <version>3.5.4</version>
+    <version>3.5.5</version>
     <description>Wrapper for cygwin and useful cygwin packages</description>
     <authors>Red Hat Inc.</authors>
     <dependencies>
       <dependency id="common.vm" />
-      <dependency id="cygwin" version="[3.5.4]" />
+      <dependency id="cygwin" version="[3.5.5]" />
     </dependencies>
   </metadata>
 </package>
diff --git a/packages/dokan.vm/dokan.vm.nuspec b/packages/dokan.vm/dokan.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>dokan.vm</id>
-    <version>2.2.0</version>
+    <version>2.2.1</version>
     <authors>kacos2000</authors>
     <description>Dokan simplifies the creation of custom file systems on Windows without the complexity of developing kernel-level drivers, offering an accessible solution for file system development, similar to FUSE on Linux.</description>
     <dependencies>

diff --git a/packages/dokan.vm/tools/chocolateyinstall.ps1 b/packages/dokan.vm/tools/chocolateyinstall.ps1
@@ -3,8 +3,8 @@ Import-Module vm.common -Force -DisableNameChecking
 
 $toolName = 'Dokan'
 
-$exeUrl = 'https://github.com/dokan-dev/dokany/releases/download/v2.2.0.1000/Dokan_x64.msi'
-$exeSha256 = 'ccab902e93ab133ef352a81ee6ff8b7b1668d732dc228aeefc86f9eefc31fdfa'
+$exeUrl = 'https://github.com/dokan-dev/dokany/releases/download/v2.2.1.1000/Dokan_x64.msi'
+$exeSha256 = '9e08fdff1ec014b1a2478561951d6647905e9d2980248ef1868e166560556658'
 
 $fileType = 'MSI'
 $silentArgs = '/qn /norestart'

diff --git a/packages/exiftool.vm/exiftool.vm.nuspec b/packages/exiftool.vm/exiftool.vm.nuspec
@@ -2,12 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>exiftool.vm</id>
-    <version>13.6.0</version>
+    <version>13.14.0</version>
     <authors>Phil Harvey</authors>
     <description>A tool for reeding and writing file metadata</description>
     <dependencies>
       <dependency id="common.vm" />
-      <dependency id="exiftool" version="[13.6.0]" />
+      <dependency id="exiftool" version="[13.14.0]" />
     </dependencies>
   </metadata>
 </package>

diff --git a/packages/hayabusa.vm/hayabusa.vm.nuspec b/packages/hayabusa.vm/hayabusa.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>hayabusa.vm</id>
-    <version>2.19.0</version>
+    <version>3.0.1</version>
     <authors>Yamato Security</authors>
     <description>Windows event log fast forensics timeline generator and threat hunting tool</description>
     <dependencies>

diff --git a/packages/hayabusa.vm/tools/chocolateyinstall.ps1 b/packages/hayabusa.vm/tools/chocolateyinstall.ps1
@@ -4,9 +4,9 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'hayabusa'
 $category = 'Forensic'
 
-$zipUrl = "https://github.com/Yamato-Security/hayabusa/releases/download/v2.19.0/hayabusa-2.19.0-win-x64.zip"
-$zipSha256 = 'cfac8c98aae65b1508fd4f922292962a50b8478a5f9958e22258d3512adacc5b'
+$zipUrl = "https://github.com/Yamato-Security/hayabusa/releases/download/v3.0.1/hayabusa-3.0.1-win-x64.zip"
+$zipSha256 = 'e3d732dc0deb9c0ad623364b6fdea3dcd744123821bf1843ec2943f084a7fd19'
 
-$executableName = $toolName.ToLower() + "-2.19.0-win-x64.exe"
+$executableName = $toolName.ToLower() + "-3.0.1-win-x64.exe"
 
 VM-Install-From-Zip $toolName $category $zipUrl -zipSha256 $zipSha256 -consoleApp $true -innerFolder $false -executableName $executableName
diff --git a/packages/hollowshunter.vm/hollowshunter.vm.nuspec b/packages/hollowshunter.vm/hollowshunter.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>hollowshunter.vm</id>
-    <version>0.3.9.20240411</version>
+    <version>0.4.0</version>
     <authors>hasherezade</authors>
     <description>Scans all running processes. Recognizes and dumps a variety of potentially malicious implants (replaced/implanted PEs, shellcodes, hooks, in-memory patches).</description>
     <dependencies>

diff --git a/packages/hollowshunter.vm/tools/chocolateyinstall.ps1 b/packages/hollowshunter.vm/tools/chocolateyinstall.ps1
@@ -4,10 +4,10 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'hollows_hunter'
 $category = 'Memory'
 
-$zipUrl = 'https://github.com/hasherezade/hollows_hunter/releases/download/v0.3.9/hollows_hunter32.zip'
-$zipSha256 = '3d96a22ea46952600e13bd1886314e3f0103750faa6bc79353851a15cf6d3431'
-$zipUrl_64 = 'https://github.com/hasherezade/hollows_hunter/releases/download/v0.3.9/hollows_hunter64.zip'
-$zipSha256_64 = 'f3ca153d51e32e892e2d8193307e5c75b82a3043072079fffa72c35c85d62bba'
+$zipUrl = 'https://github.com/hasherezade/hollows_hunter/releases/download/v0.4.0/hollows_hunter32.zip'
+$zipSha256 = '42773616f35e29929ece409e65a6706f78e7619c755d33dd2a9f25713d4b172b'
+$zipUrl_64 = 'https://github.com/hasherezade/hollows_hunter/releases/download/v0.4.0/hollows_hunter64.zip'
+$zipSha256_64 = 'a7267844674184319047b4874fe283535f623ee2d18dfb2704c541c7cdd7712d'
 
 VM-Install-From-Zip $toolName $category $zipUrl -zipSha256 $zipSha256 -zipUrl_64 $zipUrl_64 -zipSha256_64 $zipSha256_64 -consoleApp $true
 
diff --git a/packages/ida.plugin.xrefer.vm/ida.plugin.xrefer.vm.nuspec b/packages/ida.plugin.xrefer.vm/ida.plugin.xrefer.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>ida.plugin.xrefer.vm</id>
-    <version>1.0.0</version>
+    <version>1.0.3</version>
     <description>Custom navigation interface within IDA.</description>
     <authors>Muhammad Umair</authors>
     <dependencies>

diff --git a/packages/ida.plugin.xrefer.vm/tools/chocolateyinstall.ps1 b/packages/ida.plugin.xrefer.vm/tools/chocolateyinstall.ps1
@@ -6,8 +6,8 @@ try {
     VM-Pip-Install $dependencies
 
     $pluginName = 'xrefer.py'
-    $pluginUrl = 'https://github.com/mandiant/xrefer/archive/refs/tags/v1.0.0.zip'
-    $pluginSha256 = '8c1b5cee59674e104e0bac20f908e9b3cf17af25b18b3ed80a845b62b257e7f1'
+    $pluginUrl = 'https://github.com/mandiant/xrefer/archive/refs/tags/v1.0.3.zip'
+    $pluginSha256 = '631538a17dd5c4b99f530eb53ebbf67c8c3a915d4953178b14f234a0f9fb9d6f'
 
     VM-Install-IDA-Plugin -pluginName $pluginName -pluginUrl $pluginUrl -pluginSha256 $pluginSha256
 } catch {

diff --git a/packages/notepadplusplus.vm/notepadplusplus.vm.nuspec b/packages/notepadplusplus.vm/notepadplusplus.vm.nuspec
@@ -2,12 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>notepadplusplus.vm</id>
-    <version>8.7.4</version>
+    <version>8.7.5</version>
     <description>Wrapper for Notepad++</description>
     <authors>Don Ho</authors>
     <dependencies>
       <dependency id="common.vm" />
-      <dependency id="notepadplusplus" version="[8.7.4]" />
+      <dependency id="notepadplusplus" version="[8.7.5]" />
     </dependencies>
   </metadata>
 </package>
diff --git a/packages/openvpn.vm/openvpn.vm.nuspec b/packages/openvpn.vm/openvpn.vm.nuspec
@@ -2,12 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>openvpn.vm</id>
-    <version>2.6.12</version>
+    <version>2.6.13</version>
     <authors>OpenVPN Technologies Inc</authors>
     <description>OpenVPN is a full-featured open source SSL VPN solution that accommodates a wide range of configurations.</description>
     <dependencies>
       <dependency id="common.vm" />
-      <dependency id="openvpn" version="[2.6.12.1]" />
+      <dependency id="openvpn" version="[2.6.13.1]" />
     </dependencies>
   </metadata>
 </package>
diff --git a/packages/pesieve.vm/pesieve.vm.nuspec b/packages/pesieve.vm/pesieve.vm.nuspec
@@ -2,12 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>pesieve.vm</id>
-    <version>0.3.9.20240305</version>
+    <version>0.4.0</version>
     <authors>hasherezade</authors>
     <description>pe-sieve recognizes and dumps variety of implants within the scanned process.</description>
     <dependencies>
       <dependency id="common.vm" />
-      <dependency id="pesieve" version="[0.3.9]" />
+      <dependency id="pesieve" version="[0.4.0]" />
     </dependencies>
   </metadata>
 </package>
diff --git a/packages/sharphound.vm/sharphound.vm.nuspec b/packages/sharphound.vm/sharphound.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>sharphound.vm</id>
-    <version>2.5.9</version>
+    <version>2.5.13</version>
     <authors>specterops</authors>
     <description>SharpHound is an Active Directory ingester tool for BloodHound.</description>
     <dependencies>

diff --git a/packages/sharphound.vm/tools/chocolateyinstall.ps1 b/packages/sharphound.vm/tools/chocolateyinstall.ps1
@@ -4,7 +4,7 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'SharpHound'
 $category = 'Reconnaissance'
 
-$zipUrl = 'https://github.com/BloodHoundAD/SharpHound/releases/download/v2.5.9/SharpHound-v2.5.9.zip'
-$zipSha256 = '98860d5110dbc81f0e83681a6977bbefe0b987f98346847a35b254ec5c0994aa'
+$zipUrl = 'https://github.com/BloodHoundAD/SharpHound/releases/download/v2.5.13/SharpHound-v2.5.13.zip'
+$zipSha256 = '9df25d2a8a999c9871639c8e53bedf3bcdfc5c1c6250f77e8d416c38c167121f'
 
 VM-Install-From-Zip $toolName $category $zipUrl -zipSha256 $zipSha256
diff --git a/packages/sqlrecon.vm/sqlrecon.vm.nuspec b/packages/sqlrecon.vm/sqlrecon.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>sqlrecon.vm</id>
-    <version>3.8</version>
+    <version>3.9</version>
     <authors>Sanjiv Kawa, Rasta Mouse</authors>
     <description>MSSQL toolkit for reconnaissance and post-exploitation</description>
     <dependencies>

diff --git a/packages/sqlrecon.vm/tools/chocolateyinstall.ps1 b/packages/sqlrecon.vm/tools/chocolateyinstall.ps1
@@ -4,7 +4,7 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'SQLRecon'
 $category = 'Exploitation'
 
-$exeUrl = 'https://github.com/skahwah/SQLRecon/releases/download/v3.8/SQLRecon.exe'
-$exeSha256 = '979e62d0b229c4e988ea4b655cd7d26a992c3eb1457c9418b6ac42ad79f4d756'
+$exeUrl = 'https://github.com/skahwah/SQLRecon/releases/download/v3.9/SQLRecon.exe'
+$exeSha256 = 'ec7cc5641356b27e2e4654e043382708d3fda1ede7989849f40832631e800566'
 
 VM-Install-Single-Exe $toolName $category $exeUrl -exeSha256 $exeSha256
diff --git a/packages/systeminformer.vm/systeminformer.vm.nuspec b/packages/systeminformer.vm/systeminformer.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>systeminformer.vm</id>
-    <version>3.1.24333</version>
+    <version>3.2.25016</version>
     <authors>winsiderss</authors>
     <description>A free, powerful, multi-purpose tool that helps you monitor system resources, debug software and detect malware.</description>
     <dependencies>

diff --git a/packages/systeminformer.vm/tools/chocolateyinstall.ps1 b/packages/systeminformer.vm/tools/chocolateyinstall.ps1
@@ -4,8 +4,8 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'SystemInformer'
 $category = 'Utilities'
 
-$zipUrl = 'https://github.com/winsiderss/si-builds/releases/download/3.1.24333/systeminformer-3.1.24333-release-bin.zip'
-$zipSha256 = 'de26c2da3b020df369d8bfa779161a6e762e5632b1a283acfbdba0bd88b0512d'
+$zipUrl = 'https://github.com/winsiderss/si-builds/releases/download/3.2.25016/systeminformer-3.2.25016-release-bin.zip'
+$zipSha256 = '6be4867d42acbabf11e371a9cdeacd2f1c697d24ee55c3ef4de2f447bf0c559b'
 $executableName = "amd64\$toolName.exe"
 
 VM-Install-From-Zip $toolName $category $zipUrl -zipSha256 $zipSha256 -executableName $executableName -consoleApp $false
diff --git a/packages/tor-browser.vm/tor-browser.vm.nuspec b/packages/tor-browser.vm/tor-browser.vm.nuspec
@@ -2,12 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>tor-browser.vm</id>
-    <version>14.0.3</version>
+    <version>14.0.4</version>
     <authors>Tor Project</authors>
     <description>The Tor software protects you by bouncing your communications around a distributed network of relays run by volunteers all around the world.</description>
     <dependencies>
       <dependency id="common.vm" />
-      <dependency id="tor-browser" version="[14.0.3]" />
+      <dependency id="tor-browser" version="[14.0.4]" />
     </dependencies>
   </metadata>
 </package>
diff --git a/packages/total-registry.vm/tools/chocolateyinstall.ps1 b/packages/total-registry.vm/tools/chocolateyinstall.ps1
@@ -4,7 +4,7 @@ Import-Module vm.common -Force -DisableNameChecking
 $toolName = 'TotalReg'
 $category = 'Registry'
 
-$exeUrl = 'https://github.com/zodiacon/TotalRegistry/releases/download/v0.9.7.9/TotalReg.exe'
-$exeSha256 = 'e83ae98b6492e22d05e6c49240fda8e4dd68f24c5cf79afc854d5441e7e91f80'
+$exeUrl = 'https://github.com/zodiacon/TotalRegistry/releases/download/v0.9.8/TotalReg.exe'
+$exeSha256 = 'e5b603efad3138900df44735e7b430bfd1bc5e34a265c7e92c01e444e848b211'
 
 VM-Install-Single-Exe $toolName $category $exeUrl -exeSha256 $exeSha256 -consoleApp $false
diff --git a/packages/total-registry.vm/total-registry.vm.nuspec b/packages/total-registry.vm/total-registry.vm.nuspec
@@ -2,7 +2,7 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>total-registry.vm</id>
-    <version>0.9.7.20241122</version>
+    <version>0.9.8</version>
     <authors>Pavel Yosifovich</authors>
     <description>Replacement for the Windows built-in Regedit.exe tool with improved features.</description>
     <dependencies>

diff --git a/packages/vscode.vm/vscode.vm.nuspec b/packages/vscode.vm/vscode.vm.nuspec
@@ -2,12 +2,12 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>vscode.vm</id>
-    <version>1.95.3</version>
+    <version>1.96.4</version>
     <authors>Microsoft</authors>
     <description>VSCode is a modern, open-source code editor.</description>
     <dependencies>
       <dependency id="common.vm" />
-      <dependency id="vscode" version="[1.95.3]" />
+      <dependency id="vscode" version="[1.96.4]" />
     </dependencies>
   </metadata>
 </package>
diff --git a/packages/wireshark.vm/wireshark.vm.nuspec b/packages/wireshark.vm/wireshark.vm.nuspec
@@ -2,13 +2,13 @@
 <package xmlns="http://schemas.microsoft.com/packaging/2015/06/nuspec.xsd">
   <metadata>
     <id>wireshark.vm</id>
-    <version>4.4.2.20250108</version>
+    <version>4.4.3</version>
     <description>Wireshark lets you capture and interactively browse the traffic running on a computer network.</description>
     <authors>Gerald Combs, Wireshark team</authors>
     <dependencies>
       <dependency id="common.vm" />
       <dependency id="npcap.vm" />
-      <dependency id="wireshark" version="[4.4.2]" />
+      <dependency id="wireshark" version="[4.4.3]" />
     </dependencies>
   </metadata>
 </package>