Skip to content

Malcolm v2.3.0
Compare
Choose a tag to compare
@mmguero mmguero released this 09 Sep 19:14
v2.3.0
07f7ba7
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

Malcolm v2.3.0 contains the following new features, improvements and bug fixes:

  • Carved file scanning improvements

    • Multiple file scanners can now be enabled concurrently (previously only one at a time was allowed)
    • Yara added as carved file scanner feeding signatures.log with Florian Roth's Signature-Base Yara ruleset enabled by default and the ability to provide other yara signatures under yara/rules under the Malcolm directory (see #148 and #14)

  • Bumped versions

  • Bug fixes

    • #150 docker-compose having issues with start and logs under macOS
    • Hedgehog was missing new environment variables for finer control of Zeek local policy behavior
    • miscellaneous tweaks to Docker and ISO images (mainly for file size)

v2.2.1...v2.3.0

Malcolm and Hedgehog Linux may be obtained by pulling or building the Docker images and/or building the ISO installer images as described in the documentation. Unofficial ISO installer images for Malcolm and Hedgehog Linux are not hosted on Github, but may be downloaded from https://malcolm.fyi/download/.

Assets 7
Loading