Recent releases for pastelyzer

pastelyzer rel-0.8-beta

2019-12-30T13:59:09+00:00

pastelyzer rel-0.8.1-beta

2020-02-04T09:11:36+00:00

Short summary of changes since last release: - Updates to documentation. - Max heap memory usage reduced from 2GB to 1GB. - New command-line option: `--[no-]resolve-domains`. - Improved console output. - Remove shared library dependencies (runtime) when running in CLI mode.

pastelyzer rel-0.9-beta

2020-02-26T14:49:27+00:00

Changes since last release: - Database schema now is maintained by the application automatically. - New artefact class: `IP-SERVICE` (IPv4 address + port). - Artefacts are now stored in the database.

pastelyzer rel-0.10-beta

2020-06-15T13:34:59+00:00

- `discard` filter action can be used to get rid of unwanted artefacts. - **All** non-discarded artefacts are stored in database. - Artefacts now have `important` flag which can be set with `set-important` filter action. Artefacts marked important are highlighted in dashboard and the flag is also stored in the database. - Artefacts now have `note` slot which can be set with `set-note` filter action. This note is stored in the database along with the artefact. - No more `IMPORTANT-BANK-CARD` class ("important" flag can be used with `BANK-CARD-NUMBER` artefact instead). - Introduction of user sets — IPv4 networks, super-domains (multi-level) and bank card bins. Multiple sets of the same or different kinds can be loaded (previously with command-line options only one set of each kind could be used). - **Important**: the following command line options have been made redundant with the introduction of user sets: `--important-cc-bins`, `--interesting-tlds`, `--networks-file` and `--tlds-file`. Running `pastelyzer` in server mode with any of these options provided will show you sample configuration fragments you should integrate into your configuration instead. The relevant documentation is section "3.2 User sets" (and also section "3.6 Example configuration"). - **Important**: the default value of `--resolve-domains` option is no longer guessed (since `--networks-file` was removed). This means that domain resolution must be turned on explicitly. - Comparison filter functions (`<`, `=` and `>`) can also be used with strings. - `mixed-case?` filter predicate. - Additional extractors: - `note` - `source-string` - `bytes` - `context-before` - `context-after` - `source-context` - Discoveries are logged with `stat` instead of `hit`. - Added an ability to reprocess previously processed documents. Useful when upgrading to a new version of `pastelyzer` that changes (hopefully improves) the way documents are processed (like this version). The documentation mentions this, but so that users don't miss it: **Important**: if `pastelyzer` configuration contains rules to send emails or interact with other systems/programs then the reprocessing might trigger these rules again. It is therefore advisable to create a separate configuration file for reprocessing and either omit these rules or change them so that the information does not go to production systems. - An experimental API to query the database has been added (for cases when using `curl` and `jq` is preferable to SQL).

pastelyzer rel-0.11-beta

2021-01-22T13:08:10+00:00

Major new feature is `CMD-SINK` that allows to pass extracted artefacts to external processes (including scripts). Other changes: - CLI: option to extract artefacts. - CLI: duplicate artefacts are not shown by default, `--show-duplicates` option to show the duplicates. - `ONION` is no longer a sub-type of `DOMAIN`. - `source-url` extractor renamed to `origin` (it never returned URLs). - Store values into variables using (`^` filter expression). - `set-note` action can use values stored in variables. - Various fixes.

pastelyzer rel-0.11.1-beta

2021-01-22T15:01:18+00:00

Update release number in source code.